Developing Browser-Based Authentication
To change the login method to use browser-based authentication, simply modify the deployment descriptor, web.xml. Browser-based authentication is defined completely in the deployment descriptor and nowhere else.
Specifying Deployment Descriptor Web Authorization Methods
The <login-config> XML tag is used to encapsulate a new authorization method (<auth-method>). There are three options for the <auth-method>:
BASIC, in which the Web browser displays a user name/password dialog box. This user name and password is authenticated against the realm.
FORM, which is the HTML form-based authentication used in the form-based example.
CLIENT-CERT, which requires SSL and a client-side certificate. This option is discussed ...
Get J2EE™ Applications and BEA™ WebLogic Server™ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.