tomcat: form submission when not logged in

Discussion in 'Java' started by Ittay Dror, Jun 22, 2004.

  1. Ittay Dror

    Ittay Dror Guest

    hi,

    i have the following scenario:
    1. a user has an open page, containing some form, and is not logged in
    (his login expired).
    2. he clicks submit
    3. tomcat recognizes he is not logged in, and so handles it, by form
    authentication, and forwards to login.jsp
    4. the user fills in his details and clicks submit
    5. tomcat authenticates the user and then forwards him to the original
    destination
    6. trying to handle the form submisssion (the original form), i see
    there are no parameters in the request. (this is because the user had
    to login at the middle)


    is there a way of going through this scenario and have the original
    form's parameters at the end?

    thanx,
    ittay
    Ittay Dror, Jun 22, 2004
    #1
    1. Advertising

  2. > i have the following scenario:
    > 1. a user has an open page, containing some form, and is not logged in
    > (his login expired).
    > 2. he clicks submit
    > 3. tomcat recognizes he is not logged in, and so handles it, by form
    > authentication, and forwards to login.jsp
    > 4. the user fills in his details and clicks submit
    > 5. tomcat authenticates the user and then forwards him to the original
    > destination
    > 6. trying to handle the form submisssion (the original form), i see
    > there are no parameters in the request. (this is because the user had
    > to login at the middle)
    >
    >
    > is there a way of going through this scenario and have the original
    > form's parameters at the end?


    Yes, this is possible. When the user submits his form the parameters
    are submitted as well. They are not used however, since you check
    first whether or not the user's session has not expired. The trick
    therefore is, to change your authentication code so that the
    parameters that the user filled in (but were discarded) are read out
    and saved to some temporary storage, as well as the page that this
    occurred on. When the user then re-authenticates, you can
    automatically take the user back to the page that he was last on and
    fill in the parameters again.

    Regards, Jonck
    Jonck van der Kogel, Jun 22, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. keithb
    Replies:
    0
    Views:
    625
    keithb
    Feb 16, 2006
  2. Replies:
    1
    Views:
    937
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Apr 12, 2007
  3. Lorenzo

    Form Authentication and logged in users (newbie)

    Lorenzo, Nov 17, 2005, in forum: ASP .Net Security
    Replies:
    3
    Views:
    141
    Brock Allen
    Nov 18, 2005
  4. Replies:
    2
    Views:
    104
  5. Jared
    Replies:
    5
    Views:
    195
    Jared
    Jul 10, 2003
Loading...

Share This Page