• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Knute Snortum
  • Paul Clapham
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Frits Walraven
Bartenders:
  • Ganesh Patekar
  • Tim Holloway
  • salvin francis

jsp login  RSS feed

 
Ranch Hand
Posts: 386
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have taken following example from http://publib.boulder.ibm.com

How does the request understand, which server to go to , when we have provided ACTION="j_security_check" ? Dont we need server name to send a rewuest to ? If username and password are stored in database, connection to database is taken care of by j_security_check ? If not, the how is security check performed in that case ?

How does redirection to another webpage take place , when we are using j_security_check ?

 
Sheriff
Posts: 67259
170
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As container-based security is part of the Servlet Specification, not JSP, this has been moved to the Servlets forum.
 
Bear Bibeault
Sheriff
Posts: 67259
170
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you checked to see what the Servlet Specification has to say on the matter?
 
Ranch Hand
Posts: 46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This login page is meant to work for JAAS.
Once you configure your server for JAAS authentication you should have the following values and you cannot change them:

if the authentication method is form then the action of the form shoud be j_security_check
the username field name should be:j_username
the password field name should be: j_password

changing anything in the above values the authentication will not work.

As for the redirection it is configured in the web.xml in the following tag:

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.do</form-login-page>
<form-error-page>/loginRetry.do</form-error-page>
</form-login-config>
</login-config>

anyway for more details about JAAS go to this link:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html
 
Ranch Hand
Posts: 1512
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is what I know - j_security_check is a kind of target built into a web application container. So, how it's actually implemented is container specific. However, the URL that causes the login page to be invoked is probably stored somewhere, and then the login is successful, the user is redirected to the stored URL.
 
Charbel Keyrouz
Ranch Hand
Posts: 46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes exactly, once you configure your jaas authentication this url will be active.
 
It's a pleasure to see superheros taking such an interest in science. And this tiny ad:
how do I do my own kindle-like thing - without amazon
https://coderanch.com/t/711421/engineering/kindle-amazon
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!