Problem Using filter with FORM BASE AUTHENTICATION - Weblogic

This is a discussion on Problem Using filter with FORM BASE AUTHENTICATION - Weblogic ; Hi, I am using WLS 6.1 and tried using a custom filter to intercept the authentication request submitted from a FORM BASE jsp (using the j_security_check form). However, no matter what i've tried, it is always the authentication part that ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Problem Using filter with FORM BASE AUTHENTICATION

  1. Problem Using filter with FORM BASE AUTHENTICATION


    Hi,

    I am using WLS 6.1 and tried using a custom filter to intercept the authentication
    request submitted from a FORM BASE jsp (using the j_security_check form).

    However, no matter what i've tried, it is always the authentication part that
    gets executed before the filter.

    Any idea how could I intercept the request before the j_security_check servlet
    calls the security provider for authentication?

    TIA for any suggestions...




  2. Re: Problem Using filter with FORM BASE AUTHENTICATION

    Stephen wrote:

    > I am using WLS 6.1 and tried using a custom filter to intercept the authentication
    > request submitted from a FORM BASE jsp (using the j_security_check form).
    >
    > However, no matter what i've tried, it is always the authentication part that
    > gets executed before the filter.
    >
    > Any idea how could I intercept the request before the j_security_check servlet
    > calls the security provider for authentication?


    There is a (now deprecated) class weblogic.servlet.security.AuthFilter.
    I haven't used it because it is deprecated but I think it does what
    you're after.

    In my apps, I make the FORM auth submit to my own servlet which can then
    do what j_security_check does (most although not all is accessible
    through public APIs).

    Robert

  3. Re: Problem Using filter with FORM BASE AUTHENTICATION


    Hi Robert,

    thanks very much for ur pointers on the AuthFilter class.. will try that out.


    Robert Greig wrote:
    >Stephen wrote:
    >
    >> I am using WLS 6.1 and tried using a custom filter to intercept the

    >authentication
    >> request submitted from a FORM BASE jsp (using the j_security_check

    >form).
    >>
    >> However, no matter what i've tried, it is always the authentication

    >part that
    >> gets executed before the filter.
    >>
    >> Any idea how could I intercept the request before the j_security_check

    >servlet
    >> calls the security provider for authentication?

    >
    >There is a (now deprecated) class weblogic.servlet.security.AuthFilter.
    >
    >I haven't used it because it is deprecated but I think it does what
    >you're after.
    >
    >In my apps, I make the FORM auth submit to my own servlet which can then
    >
    >do what j_security_check does (most although not all is accessible
    >through public APIs).
    >
    >Robert



+ Reply to Thread