This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I want to authenticate a user after they register on my site with out having to send them to a login page. Is there a way to take the user id and password from my registration form and use that to authenticate the user instead of using the j_security_check action.
Yes, that's possible - nothing forces you to use the built-in stuff. But then you have to code up the username/password comparison with your user data yourself, and react appropriately to success/failure. And you're not going to be able to use the getRemoteUser and isUserInRole methods - you'll need to store the user information in a session after a successful login.
Joined: Mar 31, 2010
I see... But my goal is to continue using the container based approach, hence I want to emulate a j_security_check with out really doing it. I may have asked the question wrong. I don't want to manage access in the application, but will if it is the only way.