Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

j_security_check

 
Brian Stelzer
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to programmatically do the above in java, how would I do it:
I enter a webpage in my browser, lets say http://localhost/contextRoot/secureResource
AppServer sees that I'm not authenticated, so it saves off my session, and
redirects me to the login.jsp( FORM based authenication ). Then I type in
username/password and I get the original page. I understand all this, but how does it work programmatically.
This is what I have in my code thus far. I get a URL for the original page, I get the cookie( session information ). It returns back the login.jsp page.
(Stumped at this point.)
What I am trying to do at this point is create a URL
http://localhost/contextRoot/j_security_root, and setting the requestAtrribute( "cookie", "cookie from before" );
But its not returning the right page???
Some ideas or example code as to how to do it would be great.
 
Jon Wilson
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Brian,
If I understand you correctly, here is what you want to do:
1) You encounter a page that requires user authentication, so your code checks the session to see if the user has authenticated...
Boolean loggedIn = (Boolean)session.getAttribute("loggedIn");
The user has not logged in, so your page stores its URL in the session...
session.setAttribute("page", "my_page.jsp");
...and forwards the request to the login page.
requestDispatcher.forward(req, res);
2) Now the login page receives a request so it displays a login form. The end user submits his login info; it is posted to the LoginServlet.
3) LoginServlet receives the login info and matches it against a database of username and passwords. The user has now authenticated successfully, so the LoginServlet wants to return him to the page he originally requested (my_page.jsp). So, LoginServlet accesses the session...
String redirect = (String)session.getAttribute("page");
...and redirects the end user to that page.
rd = getServletContext().getRequestDispatcher(redirect);
rd.forward(req,res);
4) Now the user is back at the page he started on and this time he is allowed to view the page because he has successfully logged in
Hope that helps!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic