• Post Reply Bookmark Topic Watch Topic
  • New Topic

Form based JAAS - How to implement login system explicitly, outside the container?

 
Vladimir Razov
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have configured form based JAAS in my app. Basically, in web.xml I have declared security constraints on certain jsp page, declared specific roles, login and error pages.
So, my login form is:

This works fine when some user tries to access some of the pages declared in <security-constraint> tag of web.xml.
Container automatically manages login process, redirects to login page and if login details are valid, gives access to secured page.

Now, how should I implement login system so that user can go to login page (possibly same login form) and log in from there?
 
Vladimir Razov
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, that's how form based authentication works .
Form's action="j_security_check" sends form field values to container, which handles login process and forwards to asked/secured page (or servlet) if login succeeds.

I was thinking to use this login form "explicitly": just to go to this page, enter login details and press Submit button. But, as I understood, that can't be done when using form based security.

So, I have implemented this like: when user wants to login, user clicks on login link somewhere on the page, which is a link to secured, user account details jsp page.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!