Has anybody been able to get an autologin feature to work? I'm using FORM based authenication and I have a couple of problems.
First, I can only supply a j_username and j_password field in my form that posts to j_security_check. If I include any other fields (like a checkbox for autologin [remember me]) it gets lost.
Secondly if I set the autologin cookie someplace else and when the user wanders back to the site I want to autologin them in. I can create a LoginContext and log them in and get a Principal object and all that but Tomcat still thinks the user isn't authenicated when they go to a protected page because I didn't go through their authenicator.
What is the proper way of doing this? I'd rather not write Tomcat-specific code like creating my own Tomcat authenicator. Besides, looked into it and can't figure out how to override the FormAuthenicator since there's is specified in a configuration file loaded on startup.
I'm sure there is an answer out there somewhere! This is such a common feature that every website has to have and I'm sure Tomcat supports it!
Thanks for any help!
me too !
Thanks for help