Mark Chai wrote:
> dear all,
>
> has anyone managed to set the user Principal in a http session using
> servlet-authentication? this is easy to do for container-based auth, but
> it's not flexible enough for a custom authentication and authorization
> module I'm creating.
>
> the only problem is that I cannot set a Principal into the http session
> and thus cannot use the typical code for checking role authorization, i.e.
> isUserInRole() for Resin or hasRole() functions in Tomcat?
>
> TIA,
> Mark
> m.chai(at)ieee.org
no, programmatic login unfortunately doesn't work with tomcat.
--
mvg,
Christophe Vanfleteren
|
