tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Fincher" <...@tbird.com>
Subject Re: Custom Login Procedure
Date Mon, 06 May 2002 19:41:20 GMT
     <auth-constraint>
Hi Eddie,

Put something like the following in your web.xml and set up a realm in
server.xml.  The <transport-guarantee>CONFIDENTIAL tag causes SSL to be
used, drop it if you don't want SSL.

Your login form has to have a form with action="j_security_check" and that
form must have the input fields "j_username" and "j_password".

Rick
----
   <security-constraint>
     <web-resource-collection>
        <web-resource-name>App Name</web-resource-name>
        <url-pattern>/*</url-pattern>
     </web-resource-collection>
     <auth-constraint>
      <role-name>admin</role-name>
      <role-name>user</role-name>
    </auth-constraint>
     <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
    </security-constraint>
  <login-config>
     <auth-method>FORM</auth-method>
     <form-login-config>
        <form-login-page>/login.htm</form-login-page>
        <form-error-page>/loginFailed.htm</form-error-page>
     </form-login-config>
  </login-config>
    <security-role>
     <role-name>user</role-name>
  </security-role>
  <security-role>
     <role-name>admin</role-name>
  </security-role>

----- Original Message -----

Hello everyone.

I'd like to use Tomcat's built-in authentication, but have Tomcat redirect
to a custom login page instead of displaying a dialog.

Can this be done?

Thanks loads!

Eddie




--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message