Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

tomcat j_security_check .. can I forward to it from a filter?

843841Nov 23 2005 — edited Nov 24 2005

Hi all, Im trying to setup a security configuration and im having the biggest headaches.. ive implemented jaas authorization and it works flawlessly.. the problem comes with authorization.. my request.isUserInRole() and getUserPrincipal and getRemoteUser keep returning null..

i figured out its because I was not posting to j_security_check .. or is it?

well anyways im thinking if I can use a servlet filter to authenticate, save the subject in the session and then forward the username, password to j_security_check with new fields j_username and j_password..

this i believe will allow me to use struts to authenticate actions based on roles and at the same time allow me to save the subject in the session for use in code..

any ideas?

thanks

jazz

Locked Post

New comments cannot be posted to this locked post.

Locked on Dec 22 2005

Added on Nov 23 2005

#java-servlet

5 comments

641 views