• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

j_security_check

 
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I want to programmatically do the above in java, how would I do it:
I enter a webpage in my browser, lets say http://localhost/contextRoot/secureResource
AppServer sees that I'm not authenticated, so it saves off my session, and
redirects me to the login.jsp( FORM based authenication ). Then I type in
username/password and I get the original page. I understand all this, but how does it work programmatically.
This is what I have in my code thus far. I get a URL for the original page, I get the cookie( session information ). It returns back the login.jsp page.
(Stumped at this point.)
What I am trying to do at this point is create a URL
http://localhost/contextRoot/j_security_root, and setting the requestAtrribute( "cookie", "cookie from before" );
But its not returning the right page???
Some ideas or example code as to how to do it would be great.
 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Brian,
If I understand you correctly, here is what you want to do:
1) You encounter a page that requires user authentication, so your code checks the session to see if the user has authenticated...
Boolean loggedIn = (Boolean)session.getAttribute("loggedIn");
The user has not logged in, so your page stores its URL in the session...
session.setAttribute("page", "my_page.jsp");
...and forwards the request to the login page.
requestDispatcher.forward(req, res);
2) Now the login page receives a request so it displays a login form. The end user submits his login info; it is posted to the LoginServlet.
3) LoginServlet receives the login info and matches it against a database of username and passwords. The user has now authenticated successfully, so the LoginServlet wants to return him to the page he originally requested (my_page.jsp). So, LoginServlet accesses the session...
String redirect = (String)session.getAttribute("page");
...and redirects the end user to that page.
rd = getServletContext().getRequestDispatcher(redirect);
rd.forward(req,res);
4) Now the user is back at the page he started on and this time he is allowed to view the page because he has successfully logged in
Hope that helps!
 
A berm makes a great wind break. And we all like to break wind once in a while. Like this tiny ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic