-----Original Message----- From: Christian Hargraves [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 25, 2001 12:47 PM To: '[EMAIL PROTECTED]' Subject: RE: JDBCRealm Question Thank you very much for your help Jeff. Can I see the important part of your login.jsp page too? That's the missing link. I think if we can get the password, encrypt it, then have JDBCRealm handle it, it will work. Thanks a ton for your help. -----Original Message----- From: Jeff Kilbride [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 25, 2001 12:43 PM To: [EMAIL PROTECTED] Subject: Re: JDBCRealm Question Hi Christian, Here's an example of my login-config setup to use HTML forms: ------------------------ <login-config> <auth-method>FORM</auth-method> <realm-name>Private Authentication Area</realm-name> <form-login-config> <form-login-page>/login/login.jsp</form-login-page> <form-error-page>/login/error.jsp</form-error-page> </form-login-config> </login-config> ------------------------ With this setup, all attempts to access docs in my protected area get redirected to /login/login.jsp. All login errors go to /login/error.jsp. I'm not sure about encrypted passwords. You may have to take a look at the class that implements the JDBCRealm and do some customization -- encrypt the password before the call is made to the DB. I'm also not sure what session object it creates. There's a simple example in the examples.war package that comes with the distribution. If you have the examples package in your TOMCAT_HOME/webapps directory, the path to the example is /webapps/examples/jsp/security. The web.xml entries are in /webapps/examples/WEB-INF/web.xml. Thanks, --jeff ----- Original Message ----- From: "Christian Hargraves" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 25, 2001 8:17 AM Subject: JDBCRealm Question > I have read the JDBCRealm.howto file, but I still have a few questions. > > in the application's web.xml file there is a login-config tag. > > 1) What do I set the login-config tag in the web.xml file to so that it will > use JDBCRealm? > 2) We have encrypted passwords. How would we configure JDBCRealm to > handle them? > 3) What session object does JDBCRealm create and what is the name of session > object it creates once authenticated. > 4) Is there an example app out there that uses an HTML form to handle the > authentication? > > Thanks so much for all of your time > > Christian >
