Custom Authenticator with FormLogin and UserInRole

From Resin 3.0

(Difference between revisions)
Jump to: navigation, search
 

Latest revision as of 17:36, 21 October 2011


Contents

WEB-INF/resin-web.xml 

  <web-app xmlns="http://caucho.com/ns/resin"
        xmlns:resin="urn:java:com.caucho.resin"
        xmlns:qa="urn:java:qa">

   <qa:TestAuthenticator/>

   <resin:FormLogin form-login-page="/login.jsp"
                    form-error-page="/error.jsp"/>

   <resin:Allow url-pattern="/admin/*">
     <resin:IfUserInRole role="admin"/>
   </resin:Allow>
 </web-app>

test.MyAuthenticator 

package qa;

import java.security.*;

import com.caucho.security.*;

public class TestAuthenticator extends AbstractAuthenticator {
  @Override
  public Principal authenticate(Principal principal, char []password)
  {
    if (principal.getName().equals("harry")
        && "quidditch".equals(new String(password))) {
      return new MyPrincipal("harry");
    }
    else {
      return null;
    }
  }

  @Override
  public boolean isUserInRole(Principal user, String role)
  {
    return "admin".equals(role)
           && user != null && user.getName().equals("harry");
  }
}

login.jsp 

<html>
<form url='j_security_check'>
User: <input type='text' name='j_username'><br>
Password: <input type='password' name='j_password'><br>
<input type='submit'>
</form>
</html>

error.jsp 

 <html>
 <h1>failed login</h1>
User: <input type='text' name='j_username'><br>
Password: <input type='password' name='j_password'><br>
<input type='submit'>
</form>
</html>
Retrieved from "http://wiki3.caucho.com/index.php?title=Custom_Authenticator_with_FormLogin_and_UserInRole&oldid=4080"
Personal tools