Following is the implementation for the Auth Filter.

package examples.servlets;

import java.io.PrintStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import weblogic.servlet.security.AuthFilter;

public class AuthFilterImpl extends AuthFilter
{

public AuthFilterImpl()
{
System.out.println("New AuthFilterImpl has been created.");
}

public void doPreAuth(ServletRequest servletrequest,
ServletResponse
servletresponse)
{
System.out.println("AuthFilterImpl.doPreAuth has been
called.");
System.out.println("Password is " +
servletrequest.getParameter("j_password"));
}

public boolean doSuccessAuth(ServletRequest servletrequest,
ServletResponse servletresponse)
{
System.out.println("AuthFilterImpl.doSuccessAuth has been
called.");
return true;
}

public void doFailAuth(ServletRequest servletrequest,
ServletResponse
servletresponse)
{
System.out.println("AuthFilterImpl.doFailAuth has been
called.");
}
}

In your weblogic.xml have this entry,


examples.servlets.AuthFilterImpl



Following is the hierarchy for our web application:

LoginTestWeb
|-Admin
|-admin_home.jsp
|-index.jsp
Login.jsp
LoginFailure.jsp

Since index.jsp is inside the admin folder, which is a protected
folder, A user trying to access that page should be redirected to the
login.jsp page. this is happening in our application as explained.
But when a username/password combination is entered it does not
authenticate the credentials. how can this be implemented???

On failure, it calls the AuthFilter.doFailAuth(), but it does not
redirect to the LoginFailure.jsp, even though the path has been
defined in web.xml file. Can you help me out on thsi too.

Thanks in advance...