Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

storing values in session during authentication

 
Adrian Perry
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello

I am Implementing Authentication. It does not matter what is the auth-method. It can be BASIC or FORM based. My question, that when the user logins, I want to store his user-id and password in session object. But I am unable to retrieve this userid and password through request.getParameter() or any other method. I am using JDBCRealm to authenticate.

Kindly suggest how do I store these values in session.
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you are going with the Container provided authentication(which you have already stated) , I do not think its possible as the authentication code is with the realm and even if you write your own realm then also creation of session at that point might not be possible.
[ July 09, 2007: Message edited by: Rahul Bhattacharjee ]
 
Adrian Perry
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let me explain my issue indepth, as to what i am doing

When I am not using Authentication(ie no validation through auth-method), I have a login page, where the user enters his userid and password. This userid and password I authenticate with the entry in the database. When the userid and password is valid one, I store it in session object.

Now if anybody(anonymous user) happens to see my URL and tries to login into the system, using the URL, I try to check his userid and password in session object. In this case they will be null and thus the unauthorized user will be prevented from entering in the system.

This is the reason I wanted to store the userid and password of the authenticated user in session object.

So you can see if I am not using tomcat authentication, I am able to achieve my task. But with tomcat, I still unable to achieve the results that I desire. But I want to implement the authentication using tomcat container, because I want to use SSL.

If there is any other way to implement the above process, I would appreciate if you could share it with me.

Thanks again, for the prompt reply.
 
Adrian Perry
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

Is my question so simple such that it does not warrant any attention or is it that it so tough that it does not have any answer.

Expecting an answer to my question is not expecting too much, is it?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65340
97
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Adrian Perry:
Expecting an answer to my question is not expecting too much, is it?


Please read this.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic