-
1. Re: override j_security_check
admiyo May 1, 2002 5:33 PM (in response to redhonda)This is app server specific. In the case of tomcat it is handled by the class:
org.apache.catalina.authenticator.AuthenticatorBase
You could extend or replace this class, and add it to your server.xml; -
2. Re: override j_security_check
redhonda May 8, 2002 10:16 AM (in response to redhonda)> This is app server specific. In the case of tomcat
> it is handled by the class:
>
> org.apache.catalina.authenticator.AuthenticatorBase
>
> You could extend or replace this class, and add it
> to your server.xml;
I found org.apache.catalina.authenticator.FormAuthenticator from which I guess I can derive.
Can anyone elaborate on what needed to be added to the descriptor files? -
3. Re: override j_security_check
redhonda May 14, 2002 9:10 AM (in response to redhonda)The WebLogic folks have a few solutions to this issue that can't be applied to JBoss. So, no JBoss users have tried to do this yet?
-
4. Re: override j_security_check
dmitry_ame Aug 13, 2002 9:07 AM (in response to redhonda)Anybody knows what class do I have to extend/override for jetty?
-
5. Re: override j_security_check
gregwilkins Aug 14, 2002 5:26 AM (in response to redhonda)
There was a big discussion in JSR154 about deprecating j_security_check and adding and explicit login/logout method calls. But nobody could agree, so we dropped it again.
As it stands there is no standard way of extending the behaviour of j_security_check.
Jetty has both pluggable authenticators and realms, so you should be able to add your code in a non-standard way.
What are you trying to extends and I'll see if I can suggest the best way to do this.
I'll also have a look to see if I can open this up a bit in the next version of Jetty. I'll probably move authentication to a standard filter which will be able to be extended.
cheers -
6. Re: override j_security_check
dmitry_ame Aug 14, 2002 1:01 PM (in response to redhonda)I'm trying to put user specific data into session context.
I't be nice to be able to do it base on the results from standard authentication, if the standard authentication fails don't even bother with custom user logic.
The solution I have for now is a filter that redirects the request to the j_security_check, not exactly what I need but works with an assumtion that the standard auth logic and my custom user specific logic always succed or fail together.
Dmitry
P.S. http://jboss.org/forums/thread.jsp?forum=49&thread=19373 -
7. Re: override j_security_check
l.g. Aug 14, 2002 1:43 PM (in response to redhonda)
I't be nice to be able to do it base on the results from standard authentication, if the standard authentication fails don't even bother with custom user logic.
I'm using frames and javascript to to this.
Before submitting to j_security_check I submit user name to hidden frame and add it to the session.
If there is authentication error in LoginError.jsp you can remove user name from the session. -
8. Re: override j_security_check
srshende Oct 5, 2002 4:34 AM (in response to redhonda)where can I find the source code of j_security_check file.
I mean what if I want to specify other file in action tag.
Will I be able to validate user.
Regds,
Sanjay