Custom authentication and extending the login.jsp element.
Cantor, Scott
cantor.2 at osu.edu
Fri Aug 31 12:17:32 EDT 2012
On 8/31/12 11:59 AM, "PARDEE, MARTIN (MARTIN)" <mlp at research.att.com>
wrote:
>It looked to me that I had control flow like this:
>
>1) Shib intercepts attempt to reach resource via apache plugin,
This is the IdP, there's no Apache plugin.
>2) Control passed to my Custom Auth Servlet,
>3) Servlet redirects to login.jsp,
>4) Login.jsp has FORMACTION that goes to j_security_check (which
>disappears inside the container),
That's not how the handler works, see other email.
You're confusing container-managed auth, which can be used with the
REMOTE_USER handler (along with many other approaches), with the user/pass
handler. I believe the stock login.jsp is decorated to be usable in both
models, but they're not the same model.
-- Scott
More information about the users
mailing list