RE: JDBCRealm Question

Wed, 25 Apr 2001 11:28:50 -0700 

Thank you very much for your help Jeff.

Can I see the important part of your login.jsp page too? That's the missing
link.
I think if we can get the password, encrypt it, then have JDBCRealm handle
it, it will work.

Thanks a ton for your help.

-----Original Message-----
From: Jeff Kilbride [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 25, 2001 12:43 PM
To: [EMAIL PROTECTED]
Subject: Re: JDBCRealm Question


Hi Christian,

Here's an example of my login-config setup to use HTML forms:

------------------------
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Private Authentication Area</realm-name>
    <form-login-config>
        <form-login-page>/login/login.jsp</form-login-page>
        <form-error-page>/login/error.jsp</form-error-page>
    </form-login-config>
</login-config>
------------------------

With this setup, all attempts to access docs in my protected area get
redirected to /login/login.jsp. All login errors go to /login/error.jsp.

I'm not sure about encrypted passwords. You may have to take a look at the
class that implements the JDBCRealm and do some customization -- encrypt the
password before the call is made to the DB. I'm also not sure what session
object it creates.

There's a simple example in the examples.war package that comes with the
distribution. If you have the examples package in your TOMCAT_HOME/webapps
directory, the path to the example is /webapps/examples/jsp/security. The
web.xml entries are in /webapps/examples/WEB-INF/web.xml.

Thanks,
--jeff

----- Original Message -----
From: "Christian Hargraves" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, April 25, 2001 8:17 AM
Subject: JDBCRealm Question


> I have read the JDBCRealm.howto file, but I still have a few questions.
>
> in the application's web.xml file there is a login-config tag.
>
> 1) What do I set the login-config tag in the web.xml file to so that it
will
> use JDBCRealm?
> 2) We have encrypted passwords. How would we configure JDBCRealm to
> handle them?
> 3) What session object does JDBCRealm create and what is the name of
session
> object it creates once authenticated.
> 4) Is there an example app out there that uses an HTML form to handle the
> authentication?
>
> Thanks so much for all of your time
>
> Christian
>

Reply via email to