This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes JSP and the fly likes Creating a login Screen like in Weblogic6.1 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » JSP
Bookmark "Creating a login Screen like in Weblogic6.1" Watch "Creating a login Screen like in Weblogic6.1" New topic
Author

Creating a login Screen like in Weblogic6.1

NEEL
Greenhorn

Joined: Jan 09, 2002
Posts: 3
Dear Members,
There are a number of websites (intranet as well as internet) that force a user to login, by throwing a login window that pops up asking for username and password.
This can be obvserved in weblogic6.1 as you type the url
http://localhost:70001/console.
This can also be observed on many other Internet sites like the http://otn.oracle.com etc.
I wonder how they can call such a pop up window and, further more validate the subsequent username and password.
Is this a http driven event at all???
If anyone has ever managed to create such a login screen, can you please let me know???


My softwares dont have bugs, they just develop random features
maria jurova
Greenhorn

Joined: Jan 09, 2002
Posts: 4
Hi
if I has understood you right you are talking about BASIC http authorization. You can find more about it in HTTP/1.1 protocol and Servlet2.3 specification.
Regards, Maria
12.5.1 HTTP Basic Authentication
HTTP Basic Authentication is the authentication mechanism defined in the HTTP/1.1
specification. This mechanism is based on a username and password. A web server requests
a web client to authenticate the user. As part of the request, the web server passes the string
called the realm of the request in which the user is to be authenticated. It is important to note
that the realm string of the Basic Authentication mechanism does not have to reflect any
particular security policy domain (which confusingly, can also be referred to as a realm). The
web client obtains the username and the password from the user and transmits them to the
web server. The web server then authenticates the user in the specified realm.
Basic Authentication is not a secure authentication protocol as the user password is
transmitted with a simple base64 encoding and the target server is not authenticated.
However, additional protection, such as applying a secure transport mechanism (HTTPS) or
using security at the network level (such as the IPSEC protocol or VPN strategies) can
alleviate some of these concerns.
Madhav Lakkapragada
Ranch Hand

Joined: Jun 03, 2000
Posts: 5040
"NEEL"
your name doesn't agree with the javaranch guidelines. Please take a moment and re-register after reviewing the guidelines at http://www.javaranch.com/name.jsp
Thanks for your cooperation.
- satya


Take a Minute, Donate an Hour, Change a Life
http://www.ashanet.org/workanhour/2006/?r=Javaranch_ML&a=81
NEEL
Greenhorn

Joined: Jan 09, 2002
Posts: 3
I found some code from a book called Core Servlets which allowed me to this.
This mechanism has really got me hooked onto the http headers subject and ofource I would also have to look at the Servlet2.2 specs.
Thanx Maria.
 
GeeCON Prague 2014
 
subject: Creating a login Screen like in Weblogic6.1