Skip to Main Content
WebLogic: The Definitive Guide
book

WebLogic: The Definitive Guide

by Jon Mountjoy, Avinash Chugh
February 2004
Intermediate to advanced content levelIntermediate to advanced
848 pages
27h 25m
English
O'Reilly Media, Inc.
Content preview from WebLogic: The Definitive Guide

Security Configuration

WebLogic provides several ways to secure a web application:

  • You can declaratively configure web authentication for clients that access your web application. You can restrict access to resources in a web application by applying security constraints to a collection of web resources.

  • A servlet/JSP can programmatically check whether the client has sufficient privileges before executing a particular piece of code.

  • You can programmatically log in a user, bypassing the standard J2EE mechanisms.

Authentication

The login-config element in the standard web.xml deployment descriptor allows you to set up authentication for a web application. You can specify the authentication method using the auth-method element. WebLogic supports the following authentication methods:

HTTP basic authentication (BASIC)

Here the web server authenticates the client against the security realm using the supplied username and password combination.

Form-based authentication (FORM)

Here the client authenticates using a custom HTML form, which resembles:

<form method="post" action="j_security_check"> 
  <input type="text" name="j_username">
  <input type="password" name="j_password"> 
</form>

If you choose form-based authentication, you must specify the locations for the login page that initially will be displayed, and the error page that will be used when the user fails to authenticate himself. Use the form-login-page subelement to specify the login page, and the form-error-page subelement to specify ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Building Microservices with Spring Boot, Second Edition

Building Microservices with Spring Boot, Second Edition

Josh Long / Phillip Webb
Spring Microservices in Action, Second Edition

Spring Microservices in Action, Second Edition

John Carnell, Illary Huaylupo Sanchez
Kubernetes: Up and Running, 2nd Edition

Kubernetes: Up and Running, 2nd Edition

Brendan Burns, Joe Beda, Kelsey Hightower
Learn OpenShift

Learn OpenShift

Denis Zuev, Artemii Kropachev, Aleksey Usov

Publisher Resources

ISBN: 059600432XErrata Page