on 02-15-2006 10:37 AM
Hi all,
we want to use (form)container-based authentication for our web module. In the web.xml i can specifiy the login and error page.
<form-login-config>
<form-login-page>login.jsp</form-login-page>
<form-error-page>error.jsp</form-error-page>
</form-login-config>
Everything works fine, except i can't figure out how to show a detailed messange in the error.jsp about the error which occured. In other terms i would like to inform the user why the logon was unsuccessful, maybe he is locked or the userid doesn't exists or password is wrong.
I had a look in the servlet 2.3 specification and it stated "The error page sent to a user that is not authenticated contains information about the failure."
Thanks for your help
Matthias Hlubek
Hey Matthias,
"Basic" login configuration worked for me and now, I am trying to do a form based login. What did you specify as 'action' in your login.jsp ?
Also, when using any of the predefined authorization schemes (Basic, form, Digest, client-cert), finally the users have to be configured using Visual Administrator's Security Provider Service for that application component. So, does this mean that the users should exist in only the UME?
My question is, can we have a custom login module stack (my custom login module in it) and not use UME to store users? My app. should provider a login page and take username/pwd and use the custom login module and authenticate by external mechanisms (trying to use an older code for authentication) against an unrelated database.
Thanks,
Kiran
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Asumed the rest is defined properly (who might access and appropriate realm in web.xml) and you have your error.jsp implemented as described above, I would include the following within web.xml as well:
<!-- catching the errors -->
<error-page>
<exception-type>javax.servlet.ServletException</exception-type>
<exception-type>java.lang.Exception</exception-type>
<location>/error.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/error.jsp?code=404</location>
</error-page>
Hope this helps.
M.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Matthias,
In the login page create a RunTimeException Object and pass the parameter u want to set i.e error description.......
if(request.getParameter("name")==null)
{ throw new RuntimeException("Name not Scecified");
}
In the ErrorPage print the error description by
<%=exception.getMessage()%>
Regards,
Yash
Message was edited by: Yashpal Gupta
Message was edited by: Yashpal Gupta
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Yashpal,
if i got you right the login page should a throw a exception. But the login page just contains a form to submit j_username and j_password to the container. How can i create a Exception then ?
Does the web container throw the exception too ?
And how to retrieve it in the error page ?
best regards,
Matthias Hlubek
Hi Matthias,
in case the authentication fails, the web container should set the following standard attributes to the request object: javax.servlet.error.message, javax.servlet.error.status_code, etc. (see the page I linked you to in the previous message). Then, inside your error page, you can use the request.getAttribute("javax.servlet.error.message") to retrieve the error message and display it to the user. There's an example about that under the link I provided.
So, to summarize: If the authentication fails, the page that you've set up in the web.xml is returned. Inside your error page, use the "error" attributes to obtain details about the error.
Does that explain things better now?
Regards,
Ivo
Hi Ivaylo,
great, thanks for your explanation. First i just tried to get the error message with request.getAttribute("javax.servlet.error.message")%> but i was always got null. Therefore i thought i did something wrong. Now i use request.getAttribute("javax.servlet.error.status_code") and i get 500. But i guess this is another story
thanks Ivaylo
best regards,
Matthias Hlubek
Hi Ivo,
zdr.), I see from the posts you are experienced in the area that I am interesting as well. Do you mind exchanging emails so we can exchange better info - I got an array of issues ? I will be glad to reward points here but will also appreciate if we could get in touch . Thanks much in advance for your reply! Boby , brpitsev@yahoo.com
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.