• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

FORM atuthentication question

 
Ranch Hand
Posts: 1376
Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

I have a question related to form authentication.
<realm-name> element is not allowed within <login-config> element when <auth-method> is FORM.
But when i ran an example having login config element , there was no error on front end and authentication went fine.
Also in Tomcat logs, i did not got any error





This is confusing as let us say if we get an question in exam whether adding <realm-name> for FORM authentication will produce an error or not then what should i answer. Compilation error ? or No compilation error ?
 
Sheriff
Posts: 9671
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

<realm-name> element is not allowed within <login-config> element when <auth-method> is FORM.


Who said this?? Moreover, your configuration that you've shown doesn't actually use <realm-name> tag...
 
Rancher
Posts: 43016
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The ultimate reference on what must -and what need not- be part of the web.xml file is the Servlet specification. If you search it for " name="realm-name " you will find that its schema entry specifies " minOccurs="0" " - meaning it is optional.
 
Abhay Agarwal
Ranch Hand
Posts: 1376
Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry i forgot to add <realm-name> tag.
I know <realm-name> tag is optional but i think we can not add <realm-name> tag when using FORM atuthentication.
So my question is what will be the behaviour of Container when i add <realm-name> tag for FORM authentication ?
 
Ankit Garg
Sheriff
Posts: 9671
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Abhay Agarwal wrote: i think we can not add <realm-name> tag when using FORM atuthentication.


Again, where did you find it that realm-name cannot be used with FORM authentication??
 
Ranch Hand
Posts: 437
Oracle Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, Abhay.

I know <realm-name> tag is optional but i think we can not add <realm-name> tag when using FORM atuthentication.


We can add <realm-name> tag when using FORM based authentication. See 'Deployment Descriptor
Version 2.2' of Servlet 2.4 specification.

So my question is what will be the behaviour of Container when i add <realm-name> tag for FORM authentication ?


Authorization will be done on the specified web resource name. See this example.
 
Consider Paul's rocket mass heater.
    Bookmark Topic Watch Topic
  • New Topic