Custom Authenticator with FormLogin and UserInRole
From Resin 3.0
Contents |
WEB-INF/resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin" xmlns:resin="urn:java:com.caucho.resin" xmlns:qa="urn:java:qa"> <qa:TestAuthenticator/> <resin:FormLogin form-login-page="/login.jsp" form-error-page="/error.jsp"/> <resin:Allow url-pattern="/admin/*"> <resin:IfUserInRole role="admin"/> </resin:Allow> </web-app>
test.MyAuthenticator
package qa;
import java.security.*;
import com.caucho.security.*;
public class TestAuthenticator extends AbstractAuthenticator { @Override public Principal authenticate(Principal principal, char []password) { if (principal.getName().equals("harry") && "quidditch".equals(new String(password))) { return new MyPrincipal("harry"); } else { return null; } } @Override public boolean isUserInRole(Principal user, String role) { return "admin".equals(role) && user != null && user.getName().equals("harry"); } }
login.html
<html> <form url='j_security_check'> User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>
=== error.html
<html>
failed login
User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>