1 Reply Latest reply on Mar 15, 2004 4:50 PM by starksm64

jaas login propagation

jesusaplsoft.es Mar 15, 2004 4:50 PM

Is there a way to propagate to HttpSession a login made using a servlet and jaas?.

I see that LoginContext.login() works fine BUT it is not propagated to HttpSession (or I do not know how...). That's why Tomcat request.getUserPrincipal().getName() cannot see it.
On the contrary, using login form authentication and j_security_check action, user is propagated ok and no need to use a custom login servlet.

The problem arises when you have a page filled with mixed components: protected and not protected and you ared using Struts and want to validate users as soon as a protected ref is clicked: Struts tells you that cannot find j_security_check page!.

There's is only one way to enter this application: protecting everything from the beginning by "/*" and using BASIC of FORM j_security_check authentication.

This way everything works but there is no way to logout user and stay in the same page. You must have a previous login page to enter this site.

1. Re: BB question

starksm64 Mar 15, 2004 4:50 PM (in response to jesusaplsoft.es)

"jae77" wrote:
just to clarify, are you looking for users to have the ability to edit/delete their own posts, or category moderation where a user can edit/delete any post on a topic?
I'd like to have users edit/delete their own posts. But my setting as my last post have all users edit/delete every post include other user's posts.
Actions