Custom authentication and extending the login.jsp element.

Cantor, Scott cantor.2 at
Fri Aug 31 12:17:32 EDT 2012

On 8/31/12 11:59 AM, "PARDEE, MARTIN  (MARTIN)" <mlp at>
>It looked to me that I had control flow like this:
>1) Shib intercepts attempt to reach resource via apache plugin,

This is the IdP, there's no Apache plugin.

>2) Control passed to my Custom Auth Servlet,
>3) Servlet redirects to login.jsp,
>4) Login.jsp has FORMACTION that goes to j_security_check (which
>disappears inside the container),

That's not how the handler works, see other email.

You're confusing container-managed auth, which can be used with the
REMOTE_USER handler (along with many other approaches), with the user/pass
handler. I believe the stock login.jsp is decorated to be usable in both
models, but they're not the same model.

-- Scott

More information about the users mailing list