In form-based authentication, what must be included in the HTML returned from the URL specified by the <login-page> element? A. a base-64 encoded user name and password B. a form that POSTs to the j_security_check URL C. an applet that requests the user name and password from the user D. a hidden field that supplies the login-constraint used by the application
The URL specified as the login page must return a form with fields j_username and j_password. Adittionally, this form should POST to action="j_security_check".
Leandro Melo
SCJP 1.4, SCWCD 1.4
I will suppress my every urge. But not this shameless plug:
Gift giving made easy with the permaculture playing cards