• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

What Is login-config Tag And How To Use It?

 
Ranch Hand
Posts: 1309
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What is the function of <login-config> in the web.xml file? I suppose it asks the visitors to give username and password to log in and then visitors can start navigating the web site. Is it right?
I checked the Servlet specification and noticed that we can specify <auth-method> and <realm-name> inside the <login-config> tag.
1. How do we use the <auth-method>?
2. Must there be a real method somewhere in the application to match what is in the <auth-method> tag?
3. How do we specify <realm-name>? Can we simply give any name?
4. If the <login-config> does ask username and password for visitors to log in, where do we put valid username and password?
5. Where is the most convenient place to put one pair of username and password for the developer to test the development version of the application (not production version)?
Simply take the following code for example:

Sorry for dumping so many questions. Thank you in advance.
[ September 18, 2003: Message edited by: JiaPei Jen ]
 
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1. How do we use the <auth-method>?
use <login-config>

2. Must there be a real method somewhere in the application to match what is in the <auth-method> tag?
no. you can use BASIC, DIGEST, CLIENT-CERT, FORM. You're specifying here wich mechanism you want to use for authentication.

3. How do we specify <realm-name>? Can we simply give any name?
the users you want to authenticate should belong to a realm. For example, and employee can belong to the realm manager (in case this employee is indeed a manager). I think is tomcat-users.xml where you specify that, it's container dependent. Yes, you can give it a name.

4. If the <login-config> does ask username and password for visitors to log in, where do we put valid username and password?
same as question 3. I'm not sure, but I think is tomcat-users.xml. If you're using other container, refer to the documentation.
5. Where is the most convenient place to put one pair of username and password for the developer to test the development version of the application (not production version)?
answer 3, 4
Hope this helps
 
JiaPei Jen
Ranch Hand
Posts: 1309
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks a lot, Andres, I got it.
 
reply
    Bookmark Topic Watch Topic
  • New Topic