• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Need help in reporting of protected resources in web application

 
Naseem Khan
Ranch Hand
Posts: 809
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am using form based authentication for viewing protected resources of my web application. By j_security_check, it authenticates the user and if authentication is successful, then user can view protected resources of the site.

Now I want to generate a report of which protected resources are accessed by which user along with its timestamp.

Now my question is can I generate this report by j_security_check. I am not sure how should I call my ReportingDAO from web tier as with j_security_check the whole authentication is done by container itself.

Thanks
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use a filter that is invoked for all requests. Use the isUserInRole method to find the role and you can get the query string as well. Log it and then pass it on to the servlet.
 
Naseem Khan
Ranch Hand
Posts: 809
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by John Meyers:
You can use a filter that is invoked for all requests. Use the isUserInRole method to find the role and you can get the query string as well. Log it and then pass it on to the servlet.


Thanks John for your reply. So if I use a filter, how user is going to be authenticated. Do I have to write database code for authentication or can I use the same FORM authentication of container? How the flow is going to be?

Thanks once again

Naseem
 
Naseem Khan
Ranch Hand
Posts: 809
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is what I have done for form based authentication...



Now, if user is not authenticated, login page opens. In login.jsp, I have a form whose action I have set to j_security_check. Form fields are j_user_name and j_password.



I mapped a login filter with the url pattern /j_security_check. So from login.jsp, when user submits the login page, Login filter should be called.

I don't know why my LoginFilter is not called? Filter gets called only when I change url-pattern of LoginFilter to /pdfs/* (i.e., same as the url patter n of the protected resource)

Can anyone please help me in this regard

I am deploying my web application on tomcat. Is it a bug of tomcat?


Thanks
[ January 06, 2007: Message edited by: Naseem Khan ]
 
Naseem Khan
Ranch Hand
Posts: 809
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Guys, could you please help me. Is this possible or not? If not then is there any other way of doing it.

Naseem
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Since that seems to be a FAQ, I've added an entry to the Servlets FAQ.
[ January 08, 2007: Message edited by: Ulf Dittmer ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic