2 Replies Latest reply on Dec 18, 2003 5:12 AM by Maxim Wirt

    Logging in the user manually

    Per Steffensen Newbie

      Hi

      Im using jboss3.2.1-tomcat-4.1.24.

      When the user wants to login at my site, I just send him to a protected page. This will make the login-page popup. It redirects to j_security_check and the user will be logged in.

      Now I've created a "create new user" page. In the Struts action that creates the user I also want to login the user as the newly created user. But how. How can you log in the user "manually" i Java-code, without doing the "protected page"->j_security_check trick?

      Thanx

        • 1. Re: Logging in the user manually
          Per Steffensen Newbie

          How can you log in the user "manually" in Java-code, without doing the "protected page"->j_security_check trick?

          • 2. Re: Logging in the user manually
            Maxim Wirt Newbie

            It seems like there is no good solution of this problem - logic of form login is very container-specific. I made a code that emulates user's sequence of actions by using jakarta commons HttpClient:

            public class UserLogin {
             public static int PORT = 8080;
            
             public static void formLogin(HttpServletRequest request, String target,
             String username, String password) throws IOException {
            
             HttpClient client = new HttpClient();
             client.getState().setCookiePolicy(CookiePolicy.COMPATIBILITY);
             client.getHostConfiguration().setHost("localhost", PORT, "http");
             // copy cookies from request to pass correct jsessionid
             for(int i = 0; i < request.getCookies().length; i++) {
             client.getState().addCookie(new Cookie("localhost", request.getCookies().getName(),
             request.getCookies().getValue(), "/",
             request.getCookies().getMaxAge(),
             request.getCookies().getSecure()));
             }
            
             GetMethod m1 = new GetMethod(request.getContextPath() + target);
             m1.setFollowRedirects(true);
             client.executeMethod(m1);
            
             PostMethod m = new PostMethod(request.getContextPath() + "/j_security_check");
             NameValuePair userid = new NameValuePair("j_username", username);
             NameValuePair pwd = new NameValuePair("j_password", password);
             m.setRequestBody(new NameValuePair[] {userid, pwd});
            
             client.executeMethod(m);
             m.releaseConnection();
             }
            }