aspose file tools*
The moose likes Servlets and the fly likes Authentication login screen Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Authentication login screen" Watch "Authentication login screen" New topic
Author

Authentication login screen

Shuaib Gill
Ranch Hand

Joined: May 29, 2001
Posts: 62
Hello folks,
I am trying to set up a login screen using Java authentication concepts. Basically, I began with the following .htm form:
<html>
<head>
<title>A login page</title>
</head>
<body>
<center>
<h2>You have requested a secure page, please login</h2>
<form method="POST" action="j_security_check">
<table>
<tr><td>User</td><td><input type=text name="j_username"></tr>
<tr><td>Password</td><td><input type=password name="j_password"></tr>
</table>
<br><br>
<input type=submit>
</form>
</center>
</body>
</html>
I used j_security_check,j_username,j_password because for authentication, the web server is supposed to recognize these variables. I am using FORM validation by the way. Ok, I also edited the deployment descriptor (web.xml for JRUN which is what I'm using. Here it is:
<web-app>
<display-name>JRun Demo</display-name>
<description>JRun Demo</description>
<session-config>
<session-timeout>30</session-timeout>
</session-config>

<security-constraint>
<web-resource-collection>
<web-resource-name>just a test</web-resource-name>
<url-pattern>/servlets/fillmore.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<description>Test application</description>
</web-resource-collection>
<auth-constraint>
<role-name>users</role-name>
<description>For users</description>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>
FORM
</auth-method>
<form-login-config>
<form-login-page>
/login.htm
</form-login-page>
<form-error-page>
/loginerror.htm
</form-error-page>
</form-login-config>
</login-config>

<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>hi</servlet-name>
<init-param>
<param-name>initParam1</param-name>
</init-param>
<init-param><param-name>initParam2</param-name>
</init-param>
<servlet-class>HiEveryone</servlet-class>
<display-name></display-name>
<description></description>
</servlet>
<servlet-mapping><url-pattern>/cup</url-pattern>
<servlet-name>hi</servlet-name>
</servlet-mapping>
</web-app>
I then added users to the users.properties file, like this:
# users.properties
# This file contains a list of user names and their corresponding
# encrypted password. The format is:
#
# user.{username}={encrypted password}
#
# Each user can also be part of a group. Groups are defined in # the
# following way:
#
# group.{group name}={list of users}
#
# The list consists of user names separated by a comma. To # specify
# all users use a wildcard character (*)
#
# Users and groups can also be part of a role. Roles are defined
# in the following way:
#
# role.{role name}={list of users and/or groups}
#
# Users are specified by prepending "user." to the user name, # while
# groups are specified by prepending "group." to the group name. # If
# no prefix is given the name will be searched for as a user # first
# then as a group. To specify all users use a wildcard character # (*).
user.sg77=nnn23j
user.ab11=DSS28m
group.all=*
group.somedevelopers=sg77,ab11
role.users=all
role.developer=somedevelopers
When it was all said and done, when I logged in with sg77 as username and nnn23j as password, it did not work. I don't understand why. I also tried to add users from the MS-DOS command prompt only to get "Access is denied" error. I do not understand why, I went step by step in the JRUN docs.
Hope someone can help.


programmer77
Julia Reynolds
Ranch Hand

Joined: May 31, 2001
Posts: 123
You didn't encrypt the password in your property file.
Could that be the problem? You might want to check
the allaire developer site for help with getting JRUN working.
JRUN can be obstinate.
Julia
 
 
subject: Authentication login screen
 
Similar Threads
web.xml
securing ejb application depolyed in glassfish V3 using ldap realm that points to active directory
Having serious trouble configuring Authorization
Web.xml
ELEMENT init-param(param-name, param-value, description?