Hi I need to enable "Basic" authentication for a url pattern in my webapplication on websphere 6.1. I have created a cusom Application Login and added a custom "Login Module", that does authentication using a custom native store, to it. Now i need to know how do I specify that my application should use this application login.
I have enabled global and application security and my admin console asks me for a username/password now.
To enable the authentication you will need a login-config element in your web-xml file. In your case, it will look like this
once this element is present, the user must be authenticated in order to access any resource that is constrained by a <security-constraint> defined in the Web Application. Once authenticated, the user can be authorized to access other resources with access privileges.
Your <security-constraint> will look like this
This says that for the url pattern that you specify in the <url-pattern> tag and the GET and POST methods in the resource (usually a servlet) that matches the url pattern, authentication will have to happen. I included the which indicates that the request should use https. If you do not want the url-pattern resources to use https then remove this tag
For a great explanation of these tags read the Head First Servlets and JSP book
Here is a link to some documentation regarding the tags I have references in the above text
The user ID and password that you are being asked for are used to log into the admin console. Use the username and password of the that you used when you installed WebSphere
I know this works because I use it in RAD 6.0. I am curious how you wrote the Login Module and how you configured it. Could you help me with this? -Fixed XML [ July 18, 2007: Message edited by: Merrill Higginson ]
The editor JavaRanch uses is supposed to automatically convert < and > to & l t ; and & g t ; Sometimes, for some unknown reason (probably related to the phases of the moon and the price of ginseng in Malaysia) it just doesn't work. I fixed your post by pasting it into JEDIT and using the find replace function to replace the offending characters.
One hint: If you wish to preserve the indentation in your code, surround it with [ c o d e ] and [ / c o d e ] tags.
Oh, and one other thing: The JavaRanch Naming Policy says you need a first and last name, and not just an initial. Please change your user profile when you get a chance. [ July 18, 2007: Message edited by: Merrill Higginson ]