Milosz,
We need a little bit more information to help you. Here are the minimum
steps to use login/usersecurity:
1. protect the web resource in the web.xml, or the enterprise resource in
the ejb-jar.xml.
2. write a jsp or html file with the j2ee security action.
3. enter data for the user/password and security-role/group mapping in the
principals.xml file, databank, or other usermanager repository.
Here is an example:
The web.xml configuration file:
<security-constraint>
<web-resource-collection>
<web-resource-name>unnamed</web-resource-name>
<url-pattern>/admin/*</url-pattern>
<http-method>*</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/adminlogin.html</form-login-page>
<form-error-page>/adminlogin.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>administrators</role-name>
</security-role>
You establish the login page with the j2ee security action j_security_check
(usually not necessary), j_username, j_password:
<html>
<head>
<title>Administrative Login</title>
</head>
<LINK REL="stylesheet" TYPE="text/css" HREF="/css/stylesheet.css">
<body MARGINHEIGHT="0" MARGINWIDTH="0" text="#000000" link="#003366"
alink="#ff6600" vlink="#003366" bgcolor="#ffffff" leftmargin="0"
RIGHTMARGIN="0" topmargin="0">
<form name="login" method="POST" >
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0>
<tr><td height="150" colspan="4"
bgcolor="#000099"></td></tr>
<TR><td width="200" bgcolor="#000099"></td><TD>
<p>Login:</p>
</TD><TD>
<input name="j_username" type="text"
size=20>
</TD><td width="50%" bgcolor="#000099"></TR>
<TR><td width="200" bgcolor="#000099"></td><TD>
Password:
</TD><TD>
<input name="j_password"
type="password" size=20>
</TD><td width="50%"
bgcolor="#000099"></td></TR>
<TR><td width="200" bgcolor="#000099"></td><TD>
<input type="submit" value="SUBMIT">
</TD><td bgcolor="#000099"></td><td
width="50%"
bgcolor="#000099"></td></TR>
</table>
</form>
</body>
</html>
You establish the login/password data in the principals.xml file, or use
datasourceusermanager, or ejbusermanager to verify your users.
Regards,
the elephantwalker
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Miłosz Witkowski
Sent: Friday, July 06, 2001 1:35 AM
To: Orion-Interest
Subject: Security exception.
I have problem with security exception when i try to include page which is
protected.
Errors are printed on the page. I don't whant it. I want to forward myself
to login page.
I was trying to nest include by try block but it dosn't help. Does anybody
know what should
I do?
Thanks in advance
Milosz Witkowski
