Win a copy of Hands On Software Engineering with Python this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Bear Bibeault
  • Knute Snortum
  • Liutauras Vilda
Sheriffs:
  • Tim Cooke
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Ron McLeod
  • Ganesh Patekar
  • salvin francis
Bartenders:
  • Tim Holloway
  • Carey Brown
  • Stephan van Hulst

Form based JAAS - How to implement login system explicitly, outside the container?  RSS feed

 
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have configured form based JAAS in my app. Basically, in web.xml I have declared security constraints on certain jsp page, declared specific roles, login and error pages.
So, my login form is:

This works fine when some user tries to access some of the pages declared in <security-constraint> tag of web.xml.
Container automatically manages login process, redirects to login page and if login details are valid, gives access to secured page.

Now, how should I implement login system so that user can go to login page (possibly same login form) and log in from there?
 
Vladimir Razov
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, that's how form based authentication works .
Form's action="j_security_check" sends form field values to container, which handles login process and forwards to asked/secured page (or servlet) if login succeeds.

I was thinking to use this login form "explicitly": just to go to this page, enter login details and press Submit button. But, as I understood, that can't be done when using form based security.

So, I have implemented this like: when user wants to login, user clicks on login link somewhere on the page, which is a link to secured, user account details jsp page.
 
Ever since I found this suit I've felt strange new needs. And a tiny ad:
Programmatically Create PDF Using Free Spire.PDF with Java
https://coderanch.com/wiki/703735/Programmatically-Create-PDF-Free-Spire
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!