posted 14 years ago
Okay, I went through the nightmare of getting examples.security.jaas SAmpleCallbackHandler to work to the point where I can run:
It correctly returns a failed login attempt or a successful login attempt. The web.xml was set up with the following:
However, I am not sure what I need to do with my login.jsp page so that after doing the loginContext.login() it automagically goes back to the page that the security-contraint was set up to send me to the login.jsp page in the first place to log the user in if they are not in the role (i.e., in this case the role is Administrator).
Can somebody explain how this is supposed to work? How will weblogic know that the user is successfully logged in? Is the mere call of loginContext.login() enough? I see there is something called Subject and some mention of RunAs(), which I have no clue what it is. When I tried by the way to just use a parent.history.back() to go back if it sees the return code of the login was 0, it does not seem to leave the login page. Putting a back button with the same code puts me back not at the restricted page I was trying to go to, but back at the page that has the link the user selects to the restricted page.
David