authentication with out using j_security_check
posted 6 years ago
Yes, that's possible - nothing forces you to use the built-in stuff. But then you have to code up the username/password comparison with your user data yourself, and react appropriately to success/failure. And you're not going to be able to use the getRemoteUser and isUserInRole methods - you'll need to store the user information in a session after a successful login.