Hi Legolas,
Legolas Woodland wrote On 05/13/06 05:42,:
> Hi
> Thank you for reading my post
> what is best practice to create a login page , authenticate users and
> then let them see some pages
> the requirement is:
> 1-after user logged in he/she should be able to look at some urls based
> on his/her privileged
> 2-the login information should reside in session until user explicitly
> logout or the session time out.
>
> now my questions are :
> -Does glassfish provide some kind of standard mechanism like tomcat :
> j_security login mechanism? (container managed)
Yes, GlassFish supports the FORM based authentication mechanism
as described in the servlet spec (see SRV.12.5.3).
> -is it wise to use this mechanism ,please give me some reason for your
> answer
>
> -is there any sample application that show me this ?
Actually, the admin GUI webapp in GlassFish uses it. Here's the relevant
info from its web.xml
(stored in
glassfish/lib/install/applications/admingui/adminGUI_war/WEB-INF/):
<login-config>
<auth-method>FORM</auth-method>
<realm-name>admin-realm</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
Hope this helps.
Jan
> I would love such a sample application because i can learn easier from
> samples.
>
> ps: is it better to ask in forum or mailing list ?
> Thank you.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>