I have read how easy it is to use authentication in a
servlet conatiner.by using <security-role> and what not. Ok it is easy but also fairly useless, since it doesn't allow for dynamic registration.
Is there an easy way to tell the container when a log in is valid and what role they have if the sign in and suthentication is done using a custom program so it can automatically handle authorization and things like cookies for all JSPs and servlets in the container?
For example, I store the hashed passwords, usenames and user level in some sort of database, When a user logs in, the data is sent to a program that checks the user data with the stored data. If the user is a valid user, then a cookie is created for the session and sent ot the user and then the conatiner automatically handles everything from there, allowing access only when alowed given the user level.