Re: User Authentication - Weblogic

This is a discussion on Re: User Authentication - Weblogic ; http://e-docs.bea.com/wls/docs70/web...ty.html#100585 /k "John Hundley" wrote in message news:3f4bd27b$1@newsgroups.bea.com... > > Hi, > I want my own .jsp based login form inside my web app. I can see that I need > to set up web.xml with the auth-method of FORM ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Re: User Authentication

  1. Re: User Authentication

    http://e-docs.bea.com/wls/docs70/web...ty.html#100585

    /k

    "John Hundley" wrote in message
    news:3f4bd27b$1@newsgroups.bea.com...
    >
    > Hi,
    > I want my own .jsp based login form inside my web app. I can see that I

    need
    > to set up web.xml with the auth-method of FORM and I can see how I can set

    my
    > login page with but I don't understand how the username

    and
    > password entered by the user on my .jsp page get passed into the

    framework. How
    > is this done? All I can find in the documentation is the following:
    >
    > "The URI of a Web resource relative to the document root, used to

    authenticate
    > the user. This can be an HTML page, JSP, or HTTP servlet, and must return

    an HTML
    > page containing a FORM-based authentication that conforms to a specific

    naming
    > convention."
    >
    > So I guess the real question is what the heck are the "specific naming

    conventions"?
    > Do you have an example of how to do this?
    > Thanks,
    > John
    >
    >




  2. Re: User Authentication


    Yea,
    I had actually seen that in one of the .jsp pages in the samples directory for
    8.1 since I posted the original question. That is not exactly what I want to do.
    . Do you have an example of doing form based user authentication in a pageflow
    using the netui:form and netui:textbox tags? Here is the format using a regular
    form:







    What if I want to call a .jpf action upon successful login? How do I get around
    having to make the action="j_security_check"? Is there a method call I can make
    inside my action using form values for j_username and j_password instead? It
    would be really cool if I could do something like:

    /**
    * @jpf:action
    *
    * @jpf:forward path="welcome.jsp" name="success"
    */
    protected Forward logIn(LogInForm form)
    {
    try{
    weblogic.management.security.staticclass.securityc heck(form.getUsername,
    form.getPassword);
    }
    catch (beaSecurityException se){
    //do whatever for a failed login
    }
    return new Forward("success");
    }


    I am thinking there is probably just such a method call I just don't know where
    it is. I looked in the weblogic.management.security packages thinking that is
    where it would be but I don't see what I am looking for.

    Thanks,
    John


    "Karthik V" wrote:
    >http://e-docs.bea.com/wls/docs70/web...ty.html#100585
    >
    >/k
    >
    >"John Hundley" wrote in message
    >news:3f4bd27b$1@newsgroups.bea.com...
    >>
    >> Hi,
    >> I want my own .jsp based login form inside my web app. I can see that

    >I
    >need
    >> to set up web.xml with the auth-method of FORM and I can see how I

    >can set
    >my
    >> login page with but I don't understand how the username

    >and
    >> password entered by the user on my .jsp page get passed into the

    >framework. How
    >> is this done? All I can find in the documentation is the following:
    >>
    >> "The URI of a Web resource relative to the document root, used to

    >authenticate
    >> the user. This can be an HTML page, JSP, or HTTP servlet, and must

    >return
    >an HTML
    >> page containing a FORM-based authentication that conforms to a specific

    >naming
    >> convention."
    >>
    >> So I guess the real question is what the heck are the "specific naming

    >conventions"?
    >> Do you have an example of how to do this?
    >> Thanks,
    >> John
    >>
    >>

    >
    >



  3. Re: User Authentication


    Never mind got it.

    "John Hundley" wrote:
    >
    >Yea,
    >I had actually seen that in one of the .jsp pages in the samples directory
    >for
    >8.1 since I posted the original question. That is not exactly what I
    >want to do.
    > . Do you have an example of doing form based user authentication in
    >a pageflow
    >using the netui:form and netui:textbox tags? Here is the format using
    >a regular
    >form:
    >
    >
    >

    >
    >
    >

    >
    >What if I want to call a .jpf action upon successful login? How do I
    >get around
    >having to make the action="j_security_check"? Is there a method call
    >I can make
    >inside my action using form values for j_username and j_password instead?
    > It
    >would be really cool if I could do something like:
    >
    >/**
    > * @jpf:action
    > *
    > * @jpf:forward path="welcome.jsp" name="success"
    > */
    > protected Forward logIn(LogInForm form)
    > {
    > try{
    > weblogic.management.security.staticclass.securityc heck(form.getUsername,
    >form.getPassword);
    > }
    > catch (beaSecurityException se){
    > //do whatever for a failed login
    > }
    > return new Forward("success");
    > }
    >
    >
    >I am thinking there is probably just such a method call I just don't
    >know where
    >it is. I looked in the weblogic.management.security packages thinking
    >that is
    >where it would be but I don't see what I am looking for.
    >
    >Thanks,
    >John
    >
    >
    >"Karthik V" wrote:
    >>http://e-docs.bea.com/wls/docs70/web...ty.html#100585
    >>
    >>/k
    >>
    >>"John Hundley" wrote in message
    >>news:3f4bd27b$1@newsgroups.bea.com...
    >>>
    >>> Hi,
    >>> I want my own .jsp based login form inside my web app. I can see

    >that
    >>I
    >>need
    >>> to set up web.xml with the auth-method of FORM and I can see how I

    >>can set
    >>my
    >>> login page with but I don't understand how the username

    >>and
    >>> password entered by the user on my .jsp page get passed into the

    >>framework. How
    >>> is this done? All I can find in the documentation is the following:
    >>>
    >>> "The URI of a Web resource relative to the document root, used to

    >>authenticate
    >>> the user. This can be an HTML page, JSP, or HTTP servlet, and must

    >>return
    >>an HTML
    >>> page containing a FORM-based authentication that conforms to a specific

    >>naming
    >>> convention."
    >>>
    >>> So I guess the real question is what the heck are the "specific naming

    >>conventions"?
    >>> Do you have an example of how to do this?
    >>> Thanks,
    >>> John
    >>>
    >>>

    >>
    >>

    >



+ Reply to Thread