Configure login authentication method for Web applications

The following steps show how to configure a form-based login using the Rational Application Developer.

  1. Create 2 new HTML pages: login.html and error.html in Chapter5Web Web Project.

    login.html:

    
    <html>
    <head>
    <title>IBM-257 Form Login</title>
    <link href="theme/Master.css" rel="stylesheet" type="text/css">
    </head>
    <body bgcolor="#FFFFFF" text="#000000" link="#0000ff" vlink="#800080"
    	alink="#ff0000">
    <p>You have been redirected to this page because the resource you try to
    access is protected. Please supply a User ID and password below. After
    successful login, you will be automatically redirected to the page you
    originally requested.</p>
    <form method="post" action="/Chapter5Web/j_security_check">
    <table width="80%">
    	<tr>
    		<td width="20%" align="right">User ID:</td>
    		<td><input size="20" type="text" name="j_username" maxlength="25"></td>
    	</tr>
    	<tr>
    		<td align="right">Password:</td>
    		<td><input size="20" type="password" name="j_password" maxlength="25"></td>
    	</tr>
    	<tr>
    		<td></td>
    		<td><input type="submit" name="action" value="Login">&nbsp;<input
    			type="reset" name="reset" value="Clear"></td>
    	</tr>
    </table>
    </form>
    </body>
    </html>
    								
    								

    error.html:

    
    <html>
    <head>
    <title>IBM-257 Error</title>
    <link href="theme/Master.css" rel="stylesheet" type="text/css">
    </head>
    <body bgcolor="#FFFFFF" text="#000000" link="#0000ff" vlink="#800080"
    	alink="#ff0000">
    <p><font color="#FF0000">Invalid User ID and/or password, could not
    login !</font></p>
    <form method="post" action="/Chapter5Web/j_security_check">
    <table width="80%">
    	<tr>
    		<td width="20%" align="right">User ID:</td>
    		<td><input size="20" type="text" name="j_username" maxlength="25"></td>
    	</tr>
    	<tr>
    		<td align="right">Password:</td>
    		<td><input size="20" type="password" name="j_password" maxlength="25"></td>
    	</tr>
    	<tr>
    		<td></td>
    		<td><input type="submit" name="action" value="Login">&nbsp;<input
    			type="reset" name="reset" value="Clear"></td>
    	</tr>
    </table>
    </form>
    </body>
    </html>
    								
    								

  2. Within J2EE perspective, click Dynamic Web Projects > Chapter5Web to expand the tree.

  3. Double-click the Deployment Descriptor of Chapter5Web Web Module. The Web Deployment descriptor page opens.

  4. Select the Pages tab and scroll down.

  5. In the Login section, select FORM authentication method.

  6. For the Login page, specify /login.html Web page and for the Error page specify /error.html Web page.

    FORM Login

  7. Save the changes.

Setting the Authentication Method for the application Web module creates a login-config section in a Web deployment descriptor XML file, as shown below:


<login-config>
	<auth-method>FORM</auth-method>
	<form-login-config>
		<form-login-page>/login.html</form-login-page>
		<form-error-page>/error.html</form-error-page>
	</form-login-config>
</login-config>
					
					

Simple form-based login does not require any extra code development on the server side. Servlet j_security_check that WebSphere Application Server uses, enforces only the name of the input fields that the developer must put in the custom Login Form.

These fields are as follows:

The action required for the HTTP POST method is j_security_check. A simple HTML code for the custom login form is given below:


<form method="post" action="/Chapter5Web/j_security_check">
	User ID: <input type="text" name="j_username">
	Password: <input type="password" name="j_password">
	<input type="submit" name="action" value="Login">
</form>
					
					

Now try to open for example this URL:

https://localhost:9443/Chapter5Web/authenticated.jsp or http://localhost:9080/Chapter5Web/authenticated.jsp:

Login Form

Note: The j_security_check servlet does not work when Global Security is disabled. The Application Server returns a Page Not Found error.

BOOT.BY - Tech Industry News         Free SCBCD 1.3 Study Guide     Free SCDJWS 1.4 Study Guide     SCDJWS 1.4 Quiz     Free IBM Certified Associate Developer Study Guide     Free SCJP 5.0 (Tiger) Study Guide     Free Mock Exam Engine     Free SCWCD 1.4 Study Guide     IBM Test 000-287. Enterprise Application Development with IBM WebSphere Studio, V5.0 Study Guide     Free SCBCD 5.0 Study Guide