You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by nessus <co...@gmail.com> on 2007/09/14 05:12:50 UTC
Re: Further documentation on j_security_check
I have the same question.
anybody know how to authenticate users with it's information in another
database table rather the preset table appfuse created automatically
"app-user", "role" and "user_role", like my own table "member". I want to
know exactly how to talk with database/in-memory storages whether the posted
user/password is valid.
thanks for your cents. nessus.
David Delbecq wrote:
>
> En l'instant précis du 01/24/07 14:34, Langas de los Langas s'exprimait
> en ces termes:
>> Thanks for the feedback, but I had already checked that documentation.
>> I want to understand j_security_check on a deeper level; I
>> especifically want to know how the process receives and handles the
>> data from the form fileds; I need to know why they must be called
>> j_username and j_password... In a word, I want to know its inner
>> operation, not some arbitrary guidelines about how to create the
>> forms. Not 'how' to use it, but 'why' does it behave in that way.
>>
> for the why, answer is simple it's because it's stated it must be that
> way in servlet 2.4 specifications, section SRV12.5.3
>>
>>> From: David Delbecq <de...@oma.be>
>>> Reply-To: "Tomcat Users List" <us...@tomcat.apache.org>
>>> To: Tomcat Users List <us...@tomcat.apache.org>
>>> Subject: Re: Further documentation on j_security_check
>>> Date: Wed, 24 Jan 2007 13:52:11 +0100
>>>
>>>
>>> http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html#wp182253
>>>
>>> http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html#wp498028
>>>
>>> Also take a look at servlet 2.4 specifications, section SRV12.5.3
>>> http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html
>>>
>>> En l'instant précis du 01/24/07 13:24, Langas de los Langas s'exprimait
>>> en ces termes:
>>> > I have searched for documentation on the process j_security_check
>>> > (form-based authentication), but have been unable to find anything
>>> > worthy, just some brief explanation and a sample of the form that must
>>> > be used with it. Anybody knows where can I find extensive
>>> > documentation about this process?
>>> >
>>> > _________________________________________________________________
>>> > ¿Estás pensando en cambiar de coche? Todas los modelos de serie y
>>> > extras en MSN Motor. http://motor.msn.es/researchcentre/
>>> >
>>> >
>>> > ---------------------------------------------------------------------
>>> > To start a new topic, e-mail: users@tomcat.apache.org
>>> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> > For additional commands, e-mail: users-help@tomcat.apache.org
>>> >
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>> _________________________________________________________________
>> Moda para esta temporada. Ponte al día de todas las tendencias.
>> http://www.msn.es/Mujer/moda/default.asp
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Further-documentation-on-j_security_check-tf3080745.html#a12667735
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Further documentation on j_security_check
Posted by Pid <p...@pidster.com>.
nessus wrote:
> I have the same question.
>
> anybody know how to authenticate users with it's information in another
> database table rather the preset table appfuse created automatically
> "app-user", "role" and "user_role", like my own table "member". I want to
> know exactly how to talk with database/in-memory storages whether the posted
> user/password is valid.
(It sounds like a different question, traditionally asked in it's own
thread.)
Have you looked at the docs? "Realm" is the element you want.
http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
I have no knowledge of AppFuse so I can't assume it uses a Realm too.
The beauty of open source is that you can look at the code to see how it
(Tomcat) works.
p
> thanks for your cents. nessus.
>
>
> David Delbecq wrote:
>> En l'instant précis du 01/24/07 14:34, Langas de los Langas s'exprimait
>> en ces termes:
>>> Thanks for the feedback, but I had already checked that documentation.
>>> I want to understand j_security_check on a deeper level; I
>>> especifically want to know how the process receives and handles the
>>> data from the form fileds; I need to know why they must be called
>>> j_username and j_password... In a word, I want to know its inner
>>> operation, not some arbitrary guidelines about how to create the
>>> forms. Not 'how' to use it, but 'why' does it behave in that way.
>>>
>> for the why, answer is simple it's because it's stated it must be that
>> way in servlet 2.4 specifications, section SRV12.5.3
>>>> From: David Delbecq <de...@oma.be>
>>>> Reply-To: "Tomcat Users List" <us...@tomcat.apache.org>
>>>> To: Tomcat Users List <us...@tomcat.apache.org>
>>>> Subject: Re: Further documentation on j_security_check
>>>> Date: Wed, 24 Jan 2007 13:52:11 +0100
>>>>
>>>>
>>>> http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html#wp182253
>>>>
>>>> http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html#wp498028
>>>>
>>>> Also take a look at servlet 2.4 specifications, section SRV12.5.3
>>>> http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html
>>>>
>>>> En l'instant précis du 01/24/07 13:24, Langas de los Langas s'exprimait
>>>> en ces termes:
>>>>> I have searched for documentation on the process j_security_check
>>>>> (form-based authentication), but have been unable to find anything
>>>>> worthy, just some brief explanation and a sample of the form that must
>>>>> be used with it. Anybody knows where can I find extensive
>>>>> documentation about this process?
>>>>>
>>>>> _________________________________________________________________
>>>>> ¿Estás pensando en cambiar de coche? Todas los modelos de serie y
>>>>> extras en MSN Motor. http://motor.msn.es/researchcentre/
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To start a new topic, e-mail: users@tomcat.apache.org
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To start a new topic, e-mail: users@tomcat.apache.org
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>> _________________________________________________________________
>>> Moda para esta temporada. Ponte al día de todas las tendencias.
>>> http://www.msn.es/Mujer/moda/default.asp
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Further documentation on j_security_check
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nessus,
nessus wrote:
> I have the [a similar] question.
>
> anybody know how to authenticate users with it's information in another
> database table rather the preset table appfuse created automatically
> "app-user", "role" and "user_role", like my own table "member".
As pid suggests, see the Realm documentation.
> I want to
> know exactly how to talk with database/in-memory storages whether the posted
> user/password is valid.
Unless you write your own Tomcat authenticator (which I would not
recommend), you cannot use Tomcat's built-in authentication and
authorization system to intercept login requests and perform other
operations (such as, as you say, the login is unsuccessful).
For a more robust and configurable authentication and authorization
implementation, check out securityfilter
(http://securityfilter.sourceforge.net).
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG6xF69CaO5/Lv0PARApxpAJ456896CrfIEQsGn6YRtVtGneyqTACfYMxj
/OVR1kKFjAI8YXFLxjMNCfk=
=Ml5k
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org