Let me explain my issue indepth, as to what i am doing
When I am not using Authentication(ie no validation through auth-method), I have a login page, where the user enters his userid and password. This userid and password I authenticate with the entry in the database. When the userid and password is valid one, I store it in session object.
Now if anybody(anonymous user) happens to see my URL and tries to login into the system, using the URL, I try to check his userid and password in session object. In this case they will be null and thus the unauthorized user will be prevented from entering in the system.
This is the reason I wanted to store the userid and password of the authenticated user in session object.
So you can see if I am not using
tomcat authentication, I am able to achieve my task. But with tomcat, I still unable to achieve the results that I desire. But I want to implement the authentication using tomcat container, because I want to use SSL.
If there is any other way to implement the above process, I would appreciate if you could share it with me.
Thanks again, for the prompt reply.