Forums Register Login

j_security_check

+Pie Number of slices to send: Send
Is there any way I can get a hold of the parameters going to the j_security_check?(Tomcat) because filters dont work on j_security_check?
I've found a dozen of questions about that topic on the web but no answers?
Anybody?

I just need to load some more informations to the bean from the DB about the user when he is logging in but form autentication simply sends the user to the requested resource if the username and the password are correct, and there is no room to do the above.
I am using tomcat, I know that some other servers ofer certain ways to do that but tomcat not even filters work, and they seem to be the best way to do that
+Pie Number of slices to send: Send
There are security implications that are designed to prevent what you are trying to do. I'm not saying it is impossible, just that in general you want to prevent people being able to intercept usernames and passwords.

One way, not necessarily the best, is to have a filter which watches all servlet access, waits till the getRemoteUser() is no longer null and then assigns the value. It can be a little verbose but it is a safe intermediate step.

Dave
No holds barred. And no bars holed. Except this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 469 times.
Similar Threads
two different forms to authenticate
pre or post filter j_security_check
Tomcat 7 & j_security_check
j_security_check -vs- custom login
LoginFilter & j_security_check
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 19, 2024 00:30:32.