http://www.junlu.com/
http://www.junlu.com/
I suggest using the Dispatcher (see chapter 6) pattern that is initial access point for each request in conjunction with Controller pattern
Something likes this:
Public class Dispathcher extends HttpServlet {
Private AuthenticationController authenticationController.
public void doGet(HttpServletRequest request, HttpServletResponse response) {
if (!authenticationController.authenticate(request)) {
response.sendRedirect("login");
return;
}
// 'authenticate' method will analyze the validity of this "AuthenticationInfo" cookie.
response.addCookie(new Cookie("AuthenticationInfo", <some encripted info>));
}
alternatively you can save AuthenticationInfo in your session. In this case Dispatcher require login upon each new user session while cookie can be saved
accros a time (days/months).
-----Original Message-----
From: An interest list for Sun
Java Center J2EE Pattern Catalog [mailto:J2EEPATTERNS-INTEREST@JAVA.SUN.COM] On Behalf Of Katz Guy
Sent: Monday,
February 16, 2004 10:40 AM
To: J2EEPATTERNS-INTEREST@JAVA.SUN.COM
Subject: Custom authentication
strategy
Hi all;
I have
a requirement for being able to log in from any page.
I
still want my solution to benefit from the container security services.
However,
the container will prompt the login page only for protected resource and many
of my resource are not protected but I would still like to be able to login
from those pages
What are my options here?
Any
thoughts will help
Thanks.