1 Reply Latest reply on Sep 21, 2006 7:48 AM by yakamax

    Autologin

    osganian

      Has anybody been able to get an autologin feature to work? I'm using FORM based authenication and I have a couple of problems.

      First, I can only supply a j_username and j_password field in my form that posts to j_security_check. If I include any other fields (like a checkbox for autologin [remember me]) it gets lost.

      Secondly if I set the autologin cookie someplace else and when the user wanders back to the site I want to autologin them in. I can create a LoginContext and log them in and get a Principal object and all that but Tomcat still thinks the user isn't authenicated when they go to a protected page because I didn't go through their authenicator.

      What is the proper way of doing this? I'd rather not write Tomcat-specific code like creating my own Tomcat authenicator. Besides, looked into it and can't figure out how to override the FormAuthenicator since there's is specified in a configuration file loaded on startup.

      I'm sure there is an answer out there somewhere! This is such a common feature that every website has to have and I'm sure Tomcat supports it!

      Thanks for any help!
      Mike