I have just been catching up on some bookmarks and I found that Frank Nimphius had talked recently in his J2EE Security blog about "form-based authentication with Struts
" - I have used the IP Address based URL as orablogs still seems to be unreachable via its domain name. In this interesting post Frank talks about a question he saw on a mailing list about how to configure form-based authentication with struts so that single struts action can be used as the logon page and the error page for form-based J2EE authentication. The poster had presented an example that worked directly in a browser URL field but not at run time. Frank then goes on to present his proposed solution. This is an interesting post from Frank.