Custom Authenticator with FormLogin and UserInRole

From Resin 3.0

(Difference between revisions)
Jump to: navigation, search
Line 46: Line 46:
 
  }
 
  }
  
=== login.html ===
+
=== login.jsp ===
  
 
  <html>
 
  <html>
Line 56: Line 56:
 
  </html>
 
  </html>
  
=== error.html ===
+
=== error.jsp ===
  
 
   <html>
 
   <html>

Revision as of 19:35, 15 November 2010


Contents

WEB-INF/resin-web.xml

  <web-app xmlns="http://caucho.com/ns/resin"
        xmlns:resin="urn:java:com.caucho.resin"
        xmlns:qa="urn:java:qa">

   <qa:TestAuthenticator/>

   <resin:FormLogin form-login-page="/login.jsp"
                    form-error-page="/error.jsp"/>

   <resin:Allow url-pattern="/admin/*">
     <resin:IfUserInRole role="admin"/>
   </resin:Allow>
 </web-app>

test.MyAuthenticator

package qa;

import java.security.*;

import com.caucho.security.*;

public class TestAuthenticator extends AbstractAuthenticator {
  @Override
  public Principal authenticate(Principal principal, char []password)
  {
    if (principal.getName().equals("harry")
        && "quidditch".equals(new String(password))) {
      return new MyPrincipal("harry");
    }
    else {
      return null;
    }
  }

  @Override
  public boolean isUserInRole(Principal user, String role)
  {
    return "admin".equals(role)
           && user != null && user.getName().equals("harry");
  }
}

login.jsp

<html>
<form url='j_security_check'>
User: <input type='text' name='j_username'><br>
Password: <input type='password' name='j_password'><br>
<input type='submit'>
</form>
</html>

error.jsp

 <html>
 <h1>failed login</h1>
User: <input type='text' name='j_username'><br>
Password: <input type='password' name='j_password'><br>
<input type='submit'>
</form>
</html>
Personal tools