Custom Authenticator with FormLogin and UserInRole
From Resin 3.0
(Difference between revisions)
| Line 59: | Line 59: | ||
<html> | <html> | ||
| − | + | <h1>failed login</h1> | |
User: <input type='text' name='j_username'><br> | User: <input type='text' name='j_username'><br> | ||
Password: <input type='password' name='j_password'><br> | Password: <input type='password' name='j_password'><br> | ||
Revision as of 19:34, 15 November 2010
WEB-INF/resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin" xmlns:resin="urn:java:com.caucho.resin" xmlns:qa="urn:java:qa"> <qa:TestAuthenticator/> <resin:FormLogin form-login-page="/login.jsp" form-error-page="/error.jsp"/> <resin:Allow url-pattern="/admin/*"> <resin:IfUserInRole role="admin"/> </resin:Allow> </web-app>
test.MyAuthenticator
package qa;
import java.security.*;
import com.caucho.security.*;
public class TestAuthenticator extends AbstractAuthenticator {
@Override
public Principal authenticate(Principal principal, char []password)
{
if (principal.getName().equals("harry")
&& "quidditch".equals(new String(password))) {
return new MyPrincipal("harry");
}
else {
return null;
}
}
@Override
public boolean isUserInRole(Principal user, String role)
{
return "admin".equals(role)
&& user != null && user.getName().equals("harry");
}
}
login.html
<html> <form url='j_security_check'> User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>
=== error.html
<html> <h1>failed login</h1> User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>
