Carring extra-data in Login Form Authentication

Discussions

Web tier: servlets, JSP, Web frameworks: Carring extra-data in Login Form Authentication

  1. Carring extra-data in Login Form Authentication (1 messages)

    I'm using a tipical Login Form in a web app. But I want to add some extra input data into the form (in addition to the login and password input data).

    I've followed the specs SRV.12.5.3. Form Based Authentication. So I must create a login form such as:

    <form metod="POST" action="j_security_check">
      Login: <input type="text" name="j_username"> <br>
      Passoword: <input type="password" name="j_password"> <br>
    </form>

    But, if I add some extra input data (i.e. course) into the form:

    Course: <input type="course" name="course"> <br>

    How can I (if a can) retrive the data the user has sent in this form???

    When the user browse a protected URL, prior to that page, the container redirects him to the login form, then to the protected URL.
  2. There is no way to do what you want in the standard. Theoretically, you might be able to use a server-specific add-on to retrieve this information, but even that would be really hard.

    My suggestions:

    1. Have the user logon in one page, and enter the rest of the information in the next page.

    2. Create your own custom security system (so that you completely control the login).