Custom Authenticator with FormLogin and UserInRole
From Resin 3.0
(Difference between revisions)
(New page: Category: Cookbook Category: Security === WEB-INF/resin-web.xml === <web-app xmlns="http://caucho.com/ns/resin" xmlns:resin="urn:java:com.caucho.resin" xmlns...) |
|||
| Line 20: | Line 20: | ||
package qa; | package qa; | ||
| − | + | ||
import java.security.*; | import java.security.*; | ||
| − | + | ||
import com.caucho.security.*; | import com.caucho.security.*; | ||
| − | + | ||
public class TestAuthenticator extends AbstractAuthenticator { | public class TestAuthenticator extends AbstractAuthenticator { | ||
@Override | @Override | ||
Revision as of 19:33, 15 November 2010
Contents |
WEB-INF/resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin" xmlns:resin="urn:java:com.caucho.resin" xmlns:qa="urn:java:qa"> <qa:TestAuthenticator/> <resin:FormLogin form-login-page="/login.jsp" form-error-page="/error.jsp"/> <resin:Allow url-pattern="/admin/*"> <resin:IfUserInRole role="admin"/> </resin:Allow> </web-app>
test.MyAuthenticator
package qa;
import java.security.*;
import com.caucho.security.*;
public class TestAuthenticator extends AbstractAuthenticator {
@Override
public Principal authenticate(Principal principal, char []password)
{
if (principal.getName().equals("harry")
&& "quidditch".equals(new String(password))) {
return new MyPrincipal("harry");
}
else {
return null;
}
}
@Override
public boolean isUserInRole(Principal user, String role)
{
return "admin".equals(role)
&& user != null && user.getName().equals("harry");
}
}
login.html
<html> <form url='j_security_check'> User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>
=== error.html
<html>
failed login
User: <input type='text' name='j_username'>
Password: <input type='password' name='j_password'>
<input type='submit'> </form> </html>
