4 Replies Latest reply on Jan 11, 2004 3:12 PM by John Vrab

    intercepting form based login

    ittay Newbie

      Hello,

      I'm using JBoss 3.2 bundled with Tomcat. I'm trying to intercept the form based login flow so I can do some pre and post processing. In particular, the post processing should have the information whether the login succeeded.

      I've tried all sorts of things: having the form's action be to a servlet which forwards to j_security_check, and also using a Filter implementation. Nothing does the trick.

      Please help,
      Ittay

        • 1. Re: intercepting form based login
          John Vrab Newbie

          Hello, Were you ever successful in resolving this issue; I noticed you had o replies. I am trying to implement a j_security_check filter, too. I have web.xml configuration set up. My filter.int() method is called, but the Filter.doFilter() method is not called when the j_security_action runs. Any ideas? Thanks.

          • 2. Re: intercepting form based login
            Andre Fernandes Newbie

            No need for filters here. You can hack the "catalina.jar" file and edit its "Authenticators.properties" file. Replace the line that states the class that intercepts any form submitted to "j_security_check". Ex:

            FORM=com.xxxxx.MyOwnFormAuthenticator

            This class will be created by extending the original "org.apache.catalina.authenticator.FormAuthenticator" class (it's easy). You can override its methods to, say, add session variables after the login succeded.

            See ya.

            • 3. Re: intercepting form based login
              Wouter Zoons Newbie

              there currently is no clean way of doing this, filters do not work because they are active only after submitting the login form

              maybe in the future

              I agree this is a considerable flaw in the design as most people that customize login also want to setup additional features (for example cookies etc...)

              Wouter.

              • 4. Re: intercepting form based login
                John Vrab Newbie

                I took your advice, hacking the "catalina.jar" file; editing the Authenticators.properties, and extended the FormAuthenticator class to log some method calls. I receive the following exception on deployment.


                14:53:07,683 ERROR [Engine] ContextConfig[/jobwizard4] Cannot instantiate an authenticator of class com.blackdot.jw.security.JWFormAuthenticator
                java.lang.ClassNotFoundException: No ClassLoaders found for: com.blackdot.jw.security.JWFormAuthenticator
                at org.jboss.mx.loading.LoadMgr.beginLoadTask(LoadMgr.java:161)

                Any idea/s how to negotiate this exception? Thanks in advance for any help you can provide.