Custom authentication and extending the login.jsp element.

Cantor, Scott cantor.2 at
Fri Aug 31 12:15:44 EDT 2012

On 8/31/12 12:06 PM, "PARDEE, MARTIN  (MARTIN)" <mlp at>
>I just responded to Paul concerning the control passing issue. If I want
>to invoke my own version of login.jsp, how do I account for the fact that
>login is using j_secutiry_check to (somehow) get me back to a second call
>of my servlet, this time with j_username (or whatever) populated by that

I don't think it's using that, I think it normally points back into the
user/pass servlet. But I haven't really looked, I use Velocity-based forms
because I don't think having the UI inside the war is appropriate.

The j_security_check thing is container-managed auth, which would be
something one could do, but that isn't what the user/pass handler does.
>From memory anyway.

You're talking as though the JSP is somehow not under your complete
control. It can do whatever you want and your servlet behind it can do
whatever you want.

-- Scott

More information about the users mailing list