I am designing a webpage using jsps and i am trying to set up my login page. when the user clicks on the sin-in button they are taken to a screen aking them to enter their username and password,which i have stored in a MySQL database.

Created Apr 27, 2003

andy flack

tomcat /conf/server.xml file uses something like this:

<JDBCRealm
            debug="99" 
			driverName="org.gjt.mm.mysql.Driver"
			connectionURL="jdbc:mysql://192.123.117.38/db1" 
			connectionName="user"
	        connectionPassword="pass"
		    userTable="TOMCAT_USERS" 
            userNameCol="user_name" 
            userCredCol="user_pass" 
			userRoleTable="TOMCAT_USER_ROLES" 
            roleNameCol="role_name" />

And then in the webapps/app/WEB-INF/web.xml you can use something like this to enable form based authentication:

<security-constraint>
      <web-resource-collection>
         <web-resource-name>Protected Area</web-resource-name>
          <url-pattern>/secure/*</url-pattern>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
   	      <http-method>PUT</http-method>
         </web-resource-collection>
      <auth-constraint>
         <role-name>webapp1</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>Authentication Area</realm-name>
      <form-login-config>
        <form-login-page>/login/login.jsp</form-login-page>
        <form-error-page>/login/error.jsp</form-error-page>
      </form-login-config>
    </login-config>

And then use the login page such as:

<html><title>login</title>
<body bgcolor="#99CCFF" OnLoad="document.Form1.j_username.focus();">
<h1 align="center">Login 
  page </h1>
<form method="POST" action="j_security_check" name="Form1" >
  <div align="center"> 
    Username: 
    <input type="text" name="j_username">
    

    Password: 
    <input type="password" name="j_password">
    

    

    <input type="submit" value="login" name="j_security_check">
     
  </div>
</form>
</body>
</html>

This will then require authentication for any pages in the secure folder. (ssl can be enabled also in server.xml to stop encrypt the data)
i would suggest to look in the tomcat manual as this is only intended to point you in this direction. the manual will explain it in english.

Post a comment

Email Article

Print Article

Share Articles

Digg

del.icio.us

Newsvine

Facebook

Google

LinkedIn

MySpace

Reddit

Slashdot

StumbleUpon

Technorati

Twitter

Windows Live

YahooBuzz

FriendFeed

0 Comments (click to add your comment)

Comment and Contribute

Your name/nickname

Your email

WebSite

Subject

(Maximum characters: 1200). You have 1200 characters left.

Most Popular jGuru Stories

Editor's Picks

Most Popular

The Java Game Development Tutorial

Files and Directories in Java

Load Testing your Applications with Apache JMeter

Unit Testing Java Programs

Using SOAP with Java

6 Tips to Improve Java Exception Handling

Best Java interview questions

Dynamic Loading Using Java Reflection and Properties.

Best Practices in OOP

JBoss Case Study: Learn Design Patterns From Real Projects (Part 1)