I use form based authentication, and I want to bind User object to session. I don't know where I can create and set User as attribute if my form is directly passed to j_security_check? Should I use listener for that?
Are there any other sollutions for authentication? For example can I make my own form, pass it to my servlet, and make authentication somehow there? In that case should I change web.xml (login-config)?
Once the user has logged in, their username should be available on the request as getUserPrincipal
Joined: Oct 19, 2010
this helps only with one part of my problem, but thanks anyway. I need only once, right after authentication, to create User object and bind it. I can't in every servlet write same code for binding User into session. Maybe something like this stackoverflow example