Hi,

if you setup form based authetication, you can place a login-box
wherever you want, something like

<% if (request.getRemoteUser()!= null){%>
<form method="POST" action="j_security_check">
Name:<input type="text" name="j_username" ><br/>
Password:<input type="password" name="j_password"><br/>
<input type="submit" name="submit" value="log me in!"><br/>
</form>
<% }%>

which, if successful, takes you back to the page containing the login,
otherwise to your form-error-page. The Box only shows up, when the user
is not logged in, otherwise you can display the username.
We are using this all the time, works pretty well - for other forms of
authorization (e.g. Basic), you need to find a way to trigger the login,
maybe by some java-script, that opens up a protected ressource in a new
Window.

hope this helps
stf



Katz Guy wrote:

> Message
>
>
> Hi all; I have a requirement for being able to log in from any page.
> I still want my solution to benefit from the container security
> services. However, the container will prompt the login page only for
> protected resource and many of my resource are not protected but I
> would still like to be able to login from those pages
>
> What are my options here? Any thoughts will help Thanks.
>
> ====================================================================
> Companion Site: http://www.corej2eepatterns.com J2EE BluePrints:
> http://java.sun.com/blueprints/corej2eepatterns List Archive:
> http://archives.java.sun.com/archives/j2eepatterns-interest.html
> Unsubscribing: email "signoff J2EEPATTERNS-INTEREST" to
> listserv@(protected)

====================================================================
Companion Site: http://www.corej2eepatterns.com
J2EE BluePrints: http://java.sun.com/blueprints/corej2eepatterns
List Archive: http://archives.java.sun.com/archives/j2eepatterns-interest.html
Unsubscribing: email "signoff J2EEPATTERNS-INTEREST" to listserv@(protected)