Hello folks,
I am trying to set up a login screen using
Java authentication concepts. Basically, I began with the following .htm form:
<html>
<head>
<title>A login page</title>
</head>
<body>
<center>
<h2>You have requested a secure page, please login</h2>
<form method="POST" action="j_security_check">
<table>
<tr><td>User</td><td><input type=text name="j_username"></tr>
<tr><td>Password</td><td><input type=password name="j_password"></tr>
</table>
<br><br>
<input type=submit>
</form>
</center>
</body>
</html>
I used j_security_check,j_username,j_password because for authentication, the web server is supposed to recognize these variables. I am using FORM validation by the way. Ok, I also edited the deployment descriptor (web.xml for JRUN which is what I'm using. Here it is:
<web-app>
<display-name>JRun Demo</display-name>
<description>JRun Demo</description>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>just a
test</web-resource-name>
<url-pattern>/servlets/fillmore.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<description>Test application</description>
</web-resource-collection>
<auth-constraint>
<role-name>users</role-name>
<description>For users</description>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>
FORM
</auth-method>
<form-login-config>
<form-login-page>
/login.htm
</form-login-page>
<form-error-page>
/loginerror.htm
</form-error-page>
</form-login-config>
</login-config>
<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<
servlet>
<servlet-name>hi</servlet-name>
<init-param>
<param-name>initParam1</param-name>
</init-param>
<init-param><param-name>initParam2</param-name>
</init-param>
<servlet-class>HiEveryone</servlet-class>
<display-name></display-name>
<description></description>
</servlet>
<servlet-mapping><url-pattern>/cup</url-pattern>
<servlet-name>hi</servlet-name>
</servlet-mapping>
</web-app>
I then added users to the users.properties file, like this:
# users.properties
# This file contains a list of user names and their corresponding
# encrypted password. The format is:
#
# user.{username}={encrypted password}
#
# Each user can also be part of a group. Groups are defined in # the
# following way:
#
# group.{group name}={list of users}
#
# The list consists of user names separated by a comma. To # specify
# all users use a wildcard character (*)
#
# Users and groups can also be part of a role. Roles are defined
# in the following way:
#
# role.{role name}={list of users and/or groups}
#
# Users are specified by prepending "user." to the user name, # while
# groups are specified by prepending "group." to the group name. # If
# no prefix is given the name will be searched for as a user # first
# then as a group. To specify all users use a wildcard character # (*).
user.sg77=nnn23j
user.ab11=DSS28m
group.all=*
group.somedevelopers=sg77,ab11
role.users=all
role.developer=somedevelopers
When it was all said and done, when I logged in with sg77 as username and nnn23j as password, it did not work. I don't understand why. I also tried to add users from the MS-DOS command prompt only to get "Access is denied" error. I do not understand why, I went step by step in the JRUN docs.
Hope someone can help.
