• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Form based JAAS - How to implement login system explicitly, outside the container?  RSS feed

 
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have configured form based JAAS in my app. Basically, in web.xml I have declared security constraints on certain jsp page, declared specific roles, login and error pages.
So, my login form is:

This works fine when some user tries to access some of the pages declared in <security-constraint> tag of web.xml.
Container automatically manages login process, redirects to login page and if login details are valid, gives access to secured page.

Now, how should I implement login system so that user can go to login page (possibly same login form) and log in from there?
 
Vladimir Razov
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, that's how form based authentication works .
Form's action="j_security_check" sends form field values to container, which handles login process and forwards to asked/secured page (or servlet) if login succeeds.

I was thinking to use this login form "explicitly": just to go to this page, enter login details and press Submit button. But, as I understood, that can't be done when using form based security.

So, I have implemented this like: when user wants to login, user clicks on login link somewhere on the page, which is a link to secured, user account details jsp page.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!