accessing secured page

triathlon98 Aug 4, 2004 10:45 AM

I have a servlet which is secured, and a program which needs to access that servlet.

When the servlet is secured using BASIC authentication, I can easily pass my credentials using the following code

 Authenticator.setDefault( new Authenticator()
 {
 protected PasswordAuthentication getPasswordAuthentication()
 {
 return new PasswordAuthentication( login, pass.toCharArray() );
 }
 } );

However, I changed my servlet to FORM based authentication for a better user experience. Now my automatic authentication no longer works, and the client code gets the login page instead of the actual result.

Is there a way to send my credentials to the servlet to avoid trying to interpret the login page etc?

Thanks for the help,
Joachim

1. Re: accessing secured page

starksm64 Aug 4, 2004 10:55 AM (in response to triathlon98)

No, you have to programtically handle the redirect to the form login page and supply a post to the j_security_check servlet. There is an example of this in the org.jboss.test.web.test.FormAuthUnitTestCase from the testsuite module.
Actions
2. Re: accessing secured page

triathlon98 Aug 4, 2004 5:05 PM (in response to triathlon98)

Thanks Scott, that helped :-)
Actions
3. Re: accessing secured page

suo_jian Aug 22, 2004 3:24 AM (in response to triathlon98)

i have the same problem. and i want to write a servlet
the web.xml sound that:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/servlet1</form-login-page>
</form-login-config>
</login-config>

and I write the Servlet1 to handle the login process,but how can i get the orignial url. for example:I come from
http://www.sa.com/sample1.html?username=a&password=b
when the jboss redirect to the servlet,how can i get the above url and parm?

thank you
Actions

Go to original post