O'Reilly logo

Head First Servlets and JSP, 2nd Edition by Bert Bates, Bryan Basham, Kathy Sierra

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Form-Based Authentication

Although there’s more to implementing it than with the other forms of authentication, FORM-based isn’t that bad. First, you create your own custom HTML form for the user login (although this can certainly be generated by a JSP). Then you create a custom HTML error page for the Container to use when the user makes a login error. Finally, you tie the two forms together in the DD, using the <login-config> element. Note: if you’re using Form-based authentication, be sure to turn on SSL or session tracking, or your Container might not recognize the login form when it’s returned!

What YOU do:

  1. Declare <login-config> in the DD

  2. Create an HTML login form

  3. Create an HTML error form

Note

Three entries in the HTML login form are the key to communicating with the container:

- j_security_check

- j_username

- j_password

image with no caption

Don’t relax!

You need to know everything on this page for the exam!

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required