Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

j_security_check  RSS feed

Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to programmatically do the above in java, how would I do it:
I enter a webpage in my browser, lets say http://localhost/contextRoot/secureResource
AppServer sees that I'm not authenticated, so it saves off my session, and
redirects me to the login.jsp( FORM based authenication ). Then I type in
username/password and I get the original page. I understand all this, but how does it work programmatically.
This is what I have in my code thus far. I get a URL for the original page, I get the cookie( session information ). It returns back the login.jsp page.
(Stumped at this point.)
What I am trying to do at this point is create a URL
http://localhost/contextRoot/j_security_root, and setting the requestAtrribute( "cookie", "cookie from before" );
But its not returning the right page???
Some ideas or example code as to how to do it would be great.
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I understand you correctly, here is what you want to do:
1) You encounter a page that requires user authentication, so your code checks the session to see if the user has authenticated...
Boolean loggedIn = (Boolean)session.getAttribute("loggedIn");
The user has not logged in, so your page stores its URL in the session...
session.setAttribute("page", "my_page.jsp");
...and forwards the request to the login page.
requestDispatcher.forward(req, res);
2) Now the login page receives a request so it displays a login form. The end user submits his login info; it is posted to the LoginServlet.
3) LoginServlet receives the login info and matches it against a database of username and passwords. The user has now authenticated successfully, so the LoginServlet wants to return him to the page he originally requested (my_page.jsp). So, LoginServlet accesses the session...
String redirect = (String)session.getAttribute("page");
...and redirects the end user to that page.
rd = getServletContext().getRequestDispatcher(redirect);
4) Now the user is back at the page he started on and this time he is allowed to view the page because he has successfully logged in
Hope that helps!
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!