0 Replies Latest reply on Apr 12, 2002 9:05 AM by Nigel White

    newbie. Just wants to use form based login.

    Nigel White Newbie

      How do I do it?

      This all seems over-complicated with all kinds of weirdness.

      I have

      Security constraint for resources in the secure directory
      only let the system manager login
      SSL not required


      The Secure ROLE

      and in auth.conf (which is a TOTAL MYSTERY to me, can anyone help?):

      // The default server login module
      other {
      // A simple server login module, which can be used when the number
      // of users is relatively small. It uses two properties files:
      // users.properties, which holds users (key) and their password (value).
      // roles.properties, which holds users (key) and a comma-separated list of their roles (value).
      // The unauthenticatedIdentity property defines the name of the principal
      // that will be used when a null username and password are presented as is
      // the case for an unuathenticated web client or MDB. If you want to
      // allow such users to be authenticated add the property, e.g.,
      // unauthenticatedIdentity="nobody"
      org.jboss.security.auth.spi.UsersRolesLoginModule required

      When I access my application, it flips to the login form, but when I submit blank user name and password 3 times, it goes into the welcome page!

      Also, how do I explicitly log out?

      What is all this about? Where can I get some simple help on all this. It's all just gone too weird for me, a bog standard VMS-raised bit-twiddler to understand!