3 Replies Latest reply on Aug 31, 2009 10:04 AM by Wolfgang Knauf

    Custom Authorization

    Brian unknown Newbie

      Hi. Is it possible to take a principal that I authorize in my own servlet and somehow stuff it into the JBoss container (or wherever it needs to go) so that the user remains logged in for the duration of the session? If so, how can that be done?

      Basically, I'd like to bypass the FORM authentication mechanism because I have custom code I need to use to handle redirecting the user after logging in.

      I've done a LOT of reading on this so far, and haven't found a way. Several people mention creating an InitialContext, logging into it, and calling EJB methods with it. The problem is that the user won't stay logged in for the entire session.

      Thanks.