2 Replies Latest reply on May 27, 2004 11:49 AM by tang

    Form-based authentication

    tang

      I know that the fields returned from the form elements must be: j_username and j_password, and the action attribute must be j_security_check, but is there a way to return another form element (as if I had to get two passwords), and then how could I access this element from my LoginModule? Regards,

        • 1. Re: Form-based authentication
          starksm64

          No, not without non-standard integration with the web container such as a tomcat valve. See the example valve I posted here which adds the j_username to the session for use on the error.jsp page:

          http://www.jboss.org/index.html?module=bb&op=viewtopic&t=49711

          Similary a valve can be used to process additional fields.

          • 2. Re: Form-based authentication
            tang

            Thanks, I have another question:
            If a user try to access a page and is redirected to a form based authentication page, how can I dynamically determine the original page the user wanted to access.
            In fact, if my from based authentication page is deployed on another adress than the application, when I do my post to j_security_check, it doesn't work, I have to post to http://mymachine:8080/myapp/j_security_check. So I want to determine the adress of the application aimed in order to use the same authentication page for all my applications.

            Thanks in advance