• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

J2EE Authentication

 
Hanna Habashy
Ranch Hand
Posts: 532
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Regarding Authentication in the DD.
When a user ask for a constrained resources, the container will ask for user name and password.
After the user login successfully, what will happen when the same user ask for another constrained resources? Does the container ask the user to login again? If not, where does the container retain the user name and password which the user entered in the first request?

Thanks
 
Ulf Dittmer
Rancher
Posts: 42969
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The container will ask again if the resource has an URL that is not part of the web-resource-collection that the user was authenticated for in the previous request.

And yes, the container will need to keep track internally of which user is authenticated for which resources, but that isn't exposed through the servlet API.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic