Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

authentication

 
Don Bosco
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can we use more than one kind of authentication for an application. Like
servlet1 - FORM authentication
servlet2 - BASIC authentication
assuming servlet1 and servlet2 both belong to same application.
 
sean cee
Ranch Hand
Posts: 115
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Don,
I don't think you can since <login-config> is the element that specifies what authentication mechanism to use. and it is the direct child of <web-app> and the cardinality is 0 or 1.
So for a given application you can only use one authentication mechanism.
Correct me if I am wrong anyone.
Thanks
Sean
 
Mike Burnham
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let me know if I am wrong but couldn't different web apps have different web.xml files? In that case, couldn't the authentication be different for these two apps?
Does authentication have to be the same for two servlets in the same web app?
 
Rama Raghavan
Ranch Hand
Posts: 116
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Authentication is to validate credentials of the client/user accessing the web-app.
Once authenicated, user may be authorized to access certain resources and not others.
Authentication is done once for the entire app, and each web-app would have its own web.xml to specify the Authentication method.
So - I guess, I don't see a reason why servlets should care about Authentication mechanism....
[ December 06, 2002: Message edited by: Rama Raghavan ]
[ December 06, 2002: Message edited by: Rama Raghavan ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic