tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Howard" <>
Subject Form Login and such..
Date Mon, 01 May 2000 17:51:54 GMT
I'm trying to implement a form login type authentication for a certain
"configuration" page.  This will be the only page that needs to be
authenticated.  The way I'm trying to implement it is with redirects based
on session values.

admin.jsp -> formLogin.jsp ->adminLogin.jsp -> admin.jsp.

First when the user hits the admin.jsp page it evaluates a value session
value (UserValid) to see if it is null.  If it is null the page gets
re-directed to the formLogin page where it is a simple POST form that has
the username/password value.  Next is the adminLogin.jsp page that will
verify the username/password and set the session value UserValid to the
username and then redirect to the admin.jsp page which will then display the
administrator page because UserValid has been defined.  All of this works
fine but I have no idea how to implement the adminLogin.jsp page that does
the authintication.  Is there a crypt() type call that I could use?  I'm
probably going to have to use a file within the current directory to hold
the username/password values as there  will be multiple instances of this
app on the same system all confined to a single directory.  Any suggestion
on how to implement the adminLogin.jsp?


View raw message