aspose file tools*
The moose likes Servlets and the fly likes jsp login Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "jsp login" Watch "jsp login" New topic
Author

jsp login

nirjari patel
Ranch Hand

Joined: Apr 23, 2009
Posts: 374
I have taken following example from http://publib.boulder.ibm.com

How does the request understand, which server to go to , when we have provided ACTION="j_security_check" ? Dont we need server name to send a rewuest to ? If username and password are stored in database, connection to database is taken care of by j_security_check ? If not, the how is security check performed in that case ?

How does redirection to another webpage take place , when we are using j_security_check ?

Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61656
    
  67

As container-based security is part of the Servlet Specification, not JSP, this has been moved to the Servlets forum.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61656
    
  67

Have you checked to see what the Servlet Specification has to say on the matter?
Charbel Keyrouz
Ranch Hand

Joined: Jun 10, 2005
Posts: 46
This login page is meant to work for JAAS.
Once you configure your server for JAAS authentication you should have the following values and you cannot change them:

if the authentication method is form then the action of the form shoud be j_security_check
the username field name should be:j_username
the password field name should be: j_password

changing anything in the above values the authentication will not work.

As for the redirection it is configured in the web.xml in the following tag:

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.do</form-login-page>
<form-error-page>/loginRetry.do</form-error-page>
</form-login-config>
</login-config>

anyway for more details about JAAS go to this link:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html
Bosun Bello
Ranch Hand

Joined: Nov 06, 2000
Posts: 1510
This is what I know - j_security_check is a kind of target built into a web application container. So, how it's actually implemented is container specific. However, the URL that causes the login page to be invoked is probably stored somewhere, and then the login is successful, the user is redirected to the stored URL.


Bosun (SCJP, SCWCD)
So much trouble in the world -- Bob Marley
Charbel Keyrouz
Ranch Hand

Joined: Jun 10, 2005
Posts: 46
Yes exactly, once you configure your jaas authentication this url will be active.
 
jQuery in Action, 2nd edition
 
subject: jsp login