If you truly want a box with a username and password login on every page
(as some portals have), then you do NOT want to use the
container-provided security and the <form-login-config> Instead, you
will have to create your own security / login mechanism in your own
servlet / taglib / whatever.
As David pointed out, doing what you specified below will mean that you
need a completely separate login page that will pop up the first time
somebody tries to access a secured page. That may not be what you want.
(I'd try it and see if it is acceptable though, since it is the easiest
solution).
>>> [EMAIL PROTECTED] 3/4/04 1:56:05 AM >>>
Before starting on a quest for more knowledge I thought I ask you all,
I'm building a web app.
A user should be able to login on every page available.
So every page has a form with a loginname and password field.
The form is formatted correctly for form based login.
I'm not using frames!
My web.xml contains :
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/*</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
I'm wondering about the <form-login-page> tag.
How to make it clear to tomcat that every page can be a login page.
I haven't tried it yet but I think my solution (/*) will not work.
The testingserver DB is broken and we are using JDBCRealm.
Who has experience with this and is willing to help me?
I would like to know what to fill in in the <form-login-page> tag or
any other way to solve this.
Kind regards,
Werner van Mook
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Jeff Tulley ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., The Leading Provider of Net Business Solutions
http://www.novell.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
