File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes login screens Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "login screens" Watch "login screens" New topic

login screens

Scott Allen Mueller

Joined: Apr 09, 2006
Posts: 2
I've been out of the servlet loop for a while... Now I need to create a webapp with, of course, a login screen and even login sections on pages like the homepage. How is this handled nowadays? I used to have to setup a <security-constraint> element in the web.xml file with a url pattern for pages that required a login. Then when you try to navigate to those pages it would bring you to the defined login page (in the <login-config> element). But I forget, and I assume there's a better way now, for example how to deal with homepages with login sections.

AccelerateBiz Managed Hosting<br /> <a href="" target="_blank" rel="nofollow"></a>
dema rogatkin
Ranch Hand

Joined: Oct 09, 2002
Posts: 294
I heard about filters.

Tough in space?, <a href="" target="_blank" rel="nofollow">Get J2EE servlet container under 150Kbytes here</a><br />Love your iPod and want it anywhere?<a href="" target="_blank" rel="nofollow">Check it here.</a><br /><a href="" target="_blank" rel="nofollow">Curious about generic in Java?</a><br /><a href="" target="_blank" rel="nofollow">Hate ant? Use bee.</a><br /><a href="" target="_blank" rel="nofollow">Need contacts anywhere?</a><br /><a href="" target="_blank" rel="nofollow">How to promote your business with a search engine</a>
Scott Allen Mueller

Joined: Apr 09, 2006
Posts: 2
How would I use filters to have a login section on the homepage?
Manuel Palacio
Ranch Hand

Joined: Oct 16, 2000
Posts: 45
I've been doing this with Acegi Security, the security framework for Spring: Acegi

You can map URLs to different roles that you have defined in, for example, a database. It uses filters to do this.

I don't think there's a better way in the latest specification to deal with those things. On the other hand, we have frameworks like Acegi that make this easy and portable.

You can also write a filter that does simple autentication, perhaps checking for the existence of a certain variable in the session.

<a href="" target="_blank" rel="nofollow"></a>
I agree. Here's the link:
subject: login screens
It's not a secret anymore!