Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

J2ee container managed security doubt  RSS feed

 
Saha Kumar
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,

I want to use form-based login and container managed security.

I have a requirement as follows:

If an unauthenticated user is on web-page-A (unprotected page) and then tries to access web-page-B (protected page), the login page will be displayed and the user must login. After the user logs in successfully, the next web page displayed by the web container is web-page-A! Form-based login would have sent the user to web-page-B.

Can I still use container managed security and accomplish the above requirement? Should I go the route of Java Petstore and write my own web based security? Is there a method to call from the application code that will authenticate the user to the web container?

Thanks in advance.

-Saha
 
Nathaniel Stoddard
Ranch Hand
Posts: 1258
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You may be able to hack together a filter that redirects the user back to the first page after authentication is successful (instead of directing to the requested page). This assumes that your form-login page is a JSP and so some work can be done in it. Your application server may offer some proprietary interceptors to do something similar also.
 
Saha Kumar
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Nathaniel,

Thanks for the response. I have found a link which extends the form-based login to what I want. You may find it interesting.

http://www2.sys-con.com/ITSG/virtualcd/Java/archives/0808/beck/index.html#zip

Saha
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!