Hello, Were you ever successful in resolving this issue; I noticed you had o replies. I am trying to implement a j_security_check filter, too. I have web.xml configuration set up. My filter.int() method is called, but the Filter.doFilter() method is not called when the j_security_action runs. Any ideas? Thanks.

No need for filters here. You can hack the "catalina.jar" file and edit its "Authenticators.properties" file. Replace the line that states the class that intercepts any form submitted to "j_security_check". Ex:

FORM=com.xxxxx.MyOwnFormAuthenticator

This class will be created by extending the original "org.apache.catalina.authenticator.FormAuthenticator" class (it's easy). You can override its methods to, say, add session variables after the login succeded.

See ya.

there currently is no clean way of doing this, filters do not work because they are active only after submitting the login form

maybe in the future

I agree this is a considerable flaw in the design as most people that customize login also want to setup additional features (for example cookies etc...)

Wouter.

I took your advice, hacking the "catalina.jar" file; editing the Authenticators.properties, and extended the FormAuthenticator class to log some method calls. I receive the following exception on deployment.


14:53:07,683 ERROR [Engine] ContextConfig[/jobwizard4] Cannot instantiate an authenticator of class com.blackdot.jw.security.JWFormAuthenticator
java.lang.ClassNotFoundException: No ClassLoaders found for: com.blackdot.jw.security.JWFormAuthenticator
at org.jboss.mx.loading.LoadMgr.beginLoadTask(LoadMgr.java:161)

Any idea/s how to negotiate this exception? Thanks in advance for any help you can provide.