1 Reply Latest reply on Oct 22, 2002 6:23 AM by matthias

    Login from another Web-Host with known Credentials

    matthias
    matthias Sep 24, 2002 3:05 AM

      Hi,

      i am searching for a solution to login with known Credentials.
      In our Intrantet the users are logged in and well known. Now i
      want to add a further Web-Service (Jboss) and i would like to
      work with the known Credentials.

      My Idea is, to change the login.jsp - Page.

      I would save the credentials for example in a cookie, and in
      the login.jsp i would like to send a forward.

      My login.jsp looks like the following:

      ----------------login.jsp------------------------------------------------
      <%@ page buffer="32kb" %>

      <%
      System.out.println("in login.jsp");
      System.out.println("Response: " + response.toString());
      String address = response.encodeURL
      ("j_security_check") + "?
      j_username='Willi2'&j_password='WilliPass'";

      RequestDispatcher dispatcher = getServletContext().
      getRequestDispatcher(address);

      dispatcher.forward ( request, response);
      // perhaps a redirect ?
      //response.sendRedirect(address);

      %>
      ----------------login.jsp------------------------------------------------

      But this doesn´t work for the moment. I think a forward is like a GET and the standard
      login-Page executes a PUT -Statement (method = Post).

      I would be glad, if someone could help me.

      Perhaps there is a totally other way to solve this Problem.

      Regards Matthias Lakämper

      • 2183 Views
      • Tags:
        • 1. Re: Login from another Web-Host with known Credentials
          matthias
          matthias Oct 22, 2002 6:23 AM (in response to matthias)

          Hi,

          i have found two solutions for my Problem

          first:

          The quotation-Marks in the link are wrong and the reason was
          a null Pointer-Exception on working.
          The redirect works as follows:

          <%
          String address = response.encodeURL("j_security_check") + "?j_username=Willi2&j_password=WilliPass";
          response.sendRedirect(address);

          %>
          this works.

          second:

          another solution is to consult the security-Manager. With this help
          i can set new credentials and work on.

          -----Code-Snippet-----------------------------------
          <%@ page
          session="false"
          isThreadSafe="true"
          isErrorPage="false"
          import="javax.naming.*,
          test.interfaces.*,
          java.math.BigDecimal, java.security.Principal,
          org.jboss.security.* "
          %>

          .....


          javax.naming.InitialContext iniCtx = new javax.naming.InitialContext();
          AuthenticationManager securityMgr = (AuthenticationManager)
          iniCtx.lookup("java:comp/env/security/securityMgr");
          SimplePrincipal principal = new SimplePrincipal("Willi2");
          String sPassword = "WilliPass";
          %>

          <%
          if ( securityMgr.isValid(principal, sPassword) ) {
          SecurityAssociation.setPrincipal(principal);
          SecurityAssociation.setCredential(sPassword.toCharArray());
          out.println("Access allowed !");
          } else {
          out.println("Access denied !");
          }
          %>
          -----Code-Snippet-----------------------------------

          Thanks to the Documentation of JBoss (JBossBook_30x page 316...)


          Regards Matthias Lakämper

            • Actions