Thanks, But jsf tag lib can't identify form attributes like name="login" action="j_security_check" method="POST", my code snippnet is:
<%@ taglib uri="http://java.sun.com/jsf/core"; prefix="f"> <%@ taglib uri="http://java.sun.com/jsf/html"; prefix="h"> .... ..... <f:view> <h:form name="login" action="j_security_check" method="POST"> </h:form> </f:view> .... if i deploy this login.jsp. errors:attribute invalid for Form. So may Database sql realm can't support jsf page? On Wed, Apr 15, 2009 at 1:30 PM, David Jencks <[email protected]>wrote: > > On Apr 14, 2009, at 7:30 PM, viola lu wrote: > > Hi,ALL: > > i created a database security realm following link: > http://cwiki.apache.org/GMOxDOC20/database-sql-realm.html,and create a > dynamic web application, create login/register pages using JSF, login is > controlled by loginbean and regsiterbean which authorizes user/password by > connecting to database, but i want to use database security realm to > verify user login like this: > > <login-config> > <auth-method>FORM</auth-method> > <realm-name>MYREALM</realm-name> > <form-login-config> > <form-login-page>login.jsp</form-login-page> > <form-error-page>login_error.jsp</form-error-page> > </form-login-config> > </login-config> > But it seems, login action always call loginbean not realm to authorize. > Something is missing?Thanks. > > > To use "built in" form authentication your login page needs to have a form > with action "j_security_check", something like this: > > <form name="login" action="j_security_check" method="POST"> > > If you want anything fancier you'll need to wait for servlet 3 where > there's going to be a programatic way to log into the configured security > realms such as the db one you defined. I haven't looked at this proposal in > detail but I think it will let you do stuff like logging in from the jsf > loginbean. > > thanks > david jencks > > > > -- > viola > > > -- viola
