You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Christian Hargraves <CH...@webmiles.com> on 2001/04/25 20:58:15 UTC
RE: JDBCRealm Question--Never Mind..thanks for your help
-----Original Message-----
From: Christian Hargraves [mailto:CHargraves@webmiles.com]
Sent: Wednesday, April 25, 2001 12:47 PM
To: 'tomcat-user@jakarta.apache.org'
Subject: RE: JDBCRealm Question
Thank you very much for your help Jeff.
Can I see the important part of your login.jsp page too? That's the missing
link.
I think if we can get the password, encrypt it, then have JDBCRealm handle
it, it will work.
Thanks a ton for your help.
-----Original Message-----
From: Jeff Kilbride [mailto:jeff@kilbride.com]
Sent: Wednesday, April 25, 2001 12:43 PM
To: tomcat-user@jakarta.apache.org
Subject: Re: JDBCRealm Question
Hi Christian,
Here's an example of my login-config setup to use HTML forms:
------------------------
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Private Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login/login.jsp</form-login-page>
<form-error-page>/login/error.jsp</form-error-page>
</form-login-config>
</login-config>
------------------------
With this setup, all attempts to access docs in my protected area get
redirected to /login/login.jsp. All login errors go to /login/error.jsp.
I'm not sure about encrypted passwords. You may have to take a look at the
class that implements the JDBCRealm and do some customization -- encrypt the
password before the call is made to the DB. I'm also not sure what session
object it creates.
There's a simple example in the examples.war package that comes with the
distribution. If you have the examples package in your TOMCAT_HOME/webapps
directory, the path to the example is /webapps/examples/jsp/security. The
web.xml entries are in /webapps/examples/WEB-INF/web.xml.
Thanks,
--jeff
----- Original Message -----
From: "Christian Hargraves" <ch...@webmiles.com>
To: <to...@jakarta.apache.org>
Sent: Wednesday, April 25, 2001 8:17 AM
Subject: JDBCRealm Question
> I have read the JDBCRealm.howto file, but I still have a few questions.
>
> in the application's web.xml file there is a login-config tag.
>
> 1) What do I set the login-config tag in the web.xml file to so that it
will
> use JDBCRealm?
> 2) We have encrypted passwords. How would we configure JDBCRealm to
> handle them?
> 3) What session object does JDBCRealm create and what is the name of
session
> object it creates once authenticated.
> 4) Is there an example app out there that uses an HTML form to handle the
> authentication?
>
> Thanks so much for all of your time
>
> Christian
>