All Examples All Security Examples
formauth Java Server Pages Example
about this example
This example shows how to use JSP to force authentication before an
HTML page is displayed.
The example includes the following files:
This page displays the login form. When the user clicks the Login
button, login data is POSTed to the page that called form.jsp or, if the user loaded
form.jsp directly, to a
designated page, securitytest.jsp as distributed. The page you designate
must include authenticate.jsp
so that it can process the POST data.
This page is the same as form.jsp, except that it displays an "authentication
failure" message above the login form. It is displayed if authenticate.jsp executes before a
user has been authenticated in the WebLogic realm.
This JSP code can be included at the top of any HTML page to force
authentication before the page is viewed. The JSP code instantiates
the weblogic.servlet.security.ServletAuthentication class
and performs an authentication call into the WebLogic realm. If the
authentication call succeeds, the remainder of the page is displayed.
If the authentication call fails, an error page is displayed instead.
This is a simple page that displays "Success!" in the web browser
after the user is successfully authenticated. It sets the name of the
login form and the name of the error page, then includes authenticate.jsp at the top of the
file, before the <HTML> tag, and authdone.jsp at the bottom of the file, after the </HTML> tag. The
web page is coded in standard HTML between the JSP include statements.
This JSP file can be included at the end of a page that is loaded after
the authenticate.jsp page has
executed. It removes the authenticated user's InitialContext from the
session. The session then loses the ability to use the authenticated user.
how to use this package
- Set up the necessary properties in your weblogic.properties file, including registering the JSP
servlet, setting its initArgs, and setting up a document root. Here is
an example registration. There is a similar one commented out in the
installed properties file. Be sure to edit the paths to match your
See Setting up
WebLogic JSP to find out more about the JSP Servlet arguments.
Also add a user to the weblogic.properties
file, if you haven't already. For example,
- Copy all of the .jsp files in this directory to your JSP directory in
your registered document root, for example myserver/public_html/jsp.
- Start the WebLogic Server in your server shell.
Load the form.jsp page
using a URL such as:
Enter your username and password in the dialog box and click the Login button.
Read more about JSP in the Developers Guide, Using WebLogic JSP.
Read more about WebLogic Security and authentication in the Developers
Guide, Using WebLogic Realms and
Other Developers Guides that may be of interest for
the examples in this directory are:
1999-2000 BEA Systems, Inc. All rights reserved.