my dog learned polymorphism
The moose likes JSP and the fly likes Creating a login Screen like in Weblogic6.1 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Creating a login Screen like in Weblogic6.1" Watch "Creating a login Screen like in Weblogic6.1" New topic

Creating a login Screen like in Weblogic6.1


Joined: Jan 09, 2002
Posts: 3
Dear Members,
There are a number of websites (intranet as well as internet) that force a user to login, by throwing a login window that pops up asking for username and password.
This can be obvserved in weblogic6.1 as you type the url
This can also be observed on many other Internet sites like the etc.
I wonder how they can call such a pop up window and, further more validate the subsequent username and password.
Is this a http driven event at all???
If anyone has ever managed to create such a login screen, can you please let me know???

My softwares dont have bugs, they just develop random features
maria jurova

Joined: Jan 09, 2002
Posts: 4
if I has understood you right you are talking about BASIC http authorization. You can find more about it in HTTP/1.1 protocol and Servlet2.3 specification.
Regards, Maria
12.5.1 HTTP Basic Authentication
HTTP Basic Authentication is the authentication mechanism defined in the HTTP/1.1
specification. This mechanism is based on a username and password. A web server requests
a web client to authenticate the user. As part of the request, the web server passes the string
called the realm of the request in which the user is to be authenticated. It is important to note
that the realm string of the Basic Authentication mechanism does not have to reflect any
particular security policy domain (which confusingly, can also be referred to as a realm). The
web client obtains the username and the password from the user and transmits them to the
web server. The web server then authenticates the user in the specified realm.
Basic Authentication is not a secure authentication protocol as the user password is
transmitted with a simple base64 encoding and the target server is not authenticated.
However, additional protection, such as applying a secure transport mechanism (HTTPS) or
using security at the network level (such as the IPSEC protocol or VPN strategies) can
alleviate some of these concerns.
Madhav Lakkapragada
Ranch Hand

Joined: Jun 03, 2000
Posts: 5040
your name doesn't agree with the javaranch guidelines. Please take a moment and re-register after reviewing the guidelines at
Thanks for your cooperation.
- satya

Take a Minute, Donate an Hour, Change a Life

Joined: Jan 09, 2002
Posts: 3
I found some code from a book called Core Servlets which allowed me to this.
This mechanism has really got me hooked onto the http headers subject and ofource I would also have to look at the Servlet2.2 specs.
Thanx Maria.
I agree. Here's the link:
subject: Creating a login Screen like in Weblogic6.1
It's not a secret anymore!