-
1. Re: Automatic login after submiting registration form
The problem is, you are trying to get around JAAS
I'm pretty sure you have to force the guy to login, and I don't think there is any automatic login available.
Here's what we do, let him create a User ID, and either let him enter a password, or email him one.
Then direct him to a protected page, and he'll be redirected by J2EE to the login page. Once he authenticates there, he'll be passed to the page he wanted.
dt -
2. Re: Automatic login after submiting registration form
Thanks for your hint danl, but this is not suitable for my needs. I still beleive it must be a way to tell to sec manager that I want to add my programaticaly authenticated subject to its cache.
Maybe Mr. Scott might have an ideea. Thanks. -
3. Re: Automatic login after submiting registration form
Not sure if I am understanding your requirements but...
Maybe using org.jboss.security.SecurityAssociation?
SecurityAssociation.setPrincipal(...);
SecurityAssociation.setCredential(...);
Note this is not portable across JAAS implementations (only works in JBoss at the moment).
Alternatively create a javax.security.auth.login.LoginContext and login().
Regards,
Lisa -
4. Re: Automatic login after submiting registration form
No, this will not work. You have to convince tomcat that the current session has been authenticated. This would require a custom valve and/or custom tomcat authenticator. Its a deep tomcat specific integration.
-
5. Re: Automatic login after submiting registration form
I need to do the same thing. Has anything changed since last year in this area? Can someone point me to where I can get more information about how to do this?
Thanks. -
6. Re: Automatic login after submiting registration form
FWIW, I once had a similiar requirement (automatic login of web user). My pragmatic and simple solution then was to automatically submit a hidden form via javascript. Not really charming, but acceptable for an intranet-type application.