There are many websites that require a user to go through an email verification process by getting him to access the website with an url parameter consisting of a code sent to the email account specified.
Therefore, if an unverified user tries to access a secure page, a page shows up to tell him to go to his email account to click on a link there, for example. Users like him have a role called 'pending' while those already verified - 'user'.
I'm already using JBoss's j_security_check using form login. How could I realize the condition mentioned above ? Do I use a second <login-config> with a different realm in my web.xml ?
Any help will be more than appreciated.
Joined: Feb 16, 2005
Is there anybody who could help me with the question that I've asked ?
As no answer has been forthcoming, I guess it might be that my question is ambiguous. Therefore, I'll try again to be more specific.
Conventionally, using j_security_check under JBossSX, if a user fails to login, he will be redirected to a login error page specified in web.xml's <form-error-page> tag.
How do I while maintaining the usual login error page, redirect users with a specific role, to another page upon login?