[jboss-user] [Security & JAAS/JBoss] - Autologin Form Based Authentication with Cookie
srockny05
do-not-reply at jboss.com
Thu Mar 22 22:23:59 EDT 2007
Has anybody been able to get an autologin feature to work? This seems on the surface such a simple issue, but cannot find the answer anywhere.
I have FORM based authentication configured with a login page. There are a few problems when I try to auto login with a cookie.
First, I can only supply a j_username and j_password field in my form that posts to j_security_check. If I include any other fields (like a checkbox for autologin [remember me]) it gets lost.
Secondly if I set the autologin cookie someplace else and when the user wanders back to the site I want to autologin them in. I can create a LoginContext and log them in and get a Principal object and all that but Tomcat still thinks the user isn't authenicated when they go to a protected page because I didn't go through their authenicator.
What is the correct way of doing this? I was thinking of using javascript to submit the login form automatically when the cookie is present.
Thanks for any help!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4030914#4030914
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4030914
More information about the jboss-user
mailing list