tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: A Question about Realm
Date Fri, 30 May 2003 03:59:46 GMT
1) Assuming that auth.jsp is configured as your login-page:
<form name="authForm"  method="post" action="j_security_check">
  <input type="text" value="j_username" />
  <input type="password" value="j_password" />
</form>

2) You can't (portably) get the password.  If you have a way to look it up
from the userName, then use that.  You can get the username from
'request.getRemoteUser()', and can test roles with
'request.isUserInRole(role)'.  You can also look at
'request.getUserPrincipal()'.

"martin" <martin@cht.com.tw> wrote in message
news:00b501c3265a$9e1d0540$8e1f900a@martinp42800...
Dear all.
I am from taiwan,I have some questions in using tomcat.

I have configured a realm to protect a web application and set it's web.xml
like below.
I using a Form(auth.jsp) to authenticate  users.I have two questions.

1. What the contents of auth.jsp should be ? What 's the values of action
and input's name shoud be ?

<form name="authForm"  method="post" action="??">
  <input type="text" value="username" />             =>is this right ?
  <input type="password" value="password" />    =>is this right ?
</form>

2. After the user is authenticated, how can I get the user's
username,password,and role in other pages ?

It's my first time to ask question here, and please exceuse my poor English.

Thanks a lot.
--------

piece of web.xml file

 <security-constraint>
   <web-resource-collection>
     <web-resource-name>Apress Application</web-resource-name>
     <url-pattern>/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
    <role-name>apressuser</role-name>
   </auth-constraint>
  </security-constraint>

  <login-config>
   <auth-method>FORM</auth-method>
   <form-login-config>
    <form-login-page>/auth.jsp</form-login-page>
    <form-error-page>/err.htm</form-error-page>
   </form-login-config>
   <realm-name>Apress Application</realm-name>
  </login-config>





---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message