5.9. Providing Security
Use of the server’s built-in capabilities to manage security is discussed in Chapter 7 (Declarative Security). This section summarizes the web.xml elements that relate to this topic.
Designating the Authorization Method
You use the login-config element to specify how the server should authorize users who attempt to access protected pages. It contains three possible subelements: auth-method, realm-name, and form-login-config. The login-config element should appear near the end of the web.xml deployment descriptor, immediately after the security-constraint element discussed in the next subsection. For complete details on the ordering of elements within web.xml, see Section 5.2. For details and examples on the use of the ...
Get More Servlets and JavaServer Pages™ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
