Tomcat HTTP Authentication
843834Apr 14 2002 — edited Apr 23 2002Hello.
I'm just wondering if it's possible to tell tomcat that a user has already been authenticated for http auth. Ie you may set tomcat usernames and passwords in the conf/tomcat-users.xml file, and using the web.xml file you can setup security constraints to certain parts of your web application. I want to provide my own user/password login page so that I dont have to have a box popping up and saying "Please enter user/password" (that the browser provides). So how can I set a user as 'logged in' on the server using my own login page and avoid getting the browser popping up an http auth login window?
I'm sure there is a way, I just can't quite see how. I'd assume I'd have to set something on their session, but what :-)
Thanks
John Baker