M
Mark Chai
dear all,
has anyone managed to set the user Principal in a http session using
servlet-authentication? this is easy to do for container-based auth, but
it's not flexible enough for a custom authentication and authorization
module I'm creating.
the only problem is that I cannot set a Principal into the http session and
thus cannot use the typical code for checking role authorization, i.e.
isUserInRole() for Resin or hasRole() functions in Tomcat?
TIA,
Mark
m.chai(at)ieee.org
has anyone managed to set the user Principal in a http session using
servlet-authentication? this is easy to do for container-based auth, but
it's not flexible enough for a custom authentication and authorization
module I'm creating.
the only problem is that I cannot set a Principal into the http session and
thus cannot use the typical code for checking role authorization, i.e.
isUserInRole() for Resin or hasRole() functions in Tomcat?
TIA,
Mark
m.chai(at)ieee.org