Logo 
Search:

Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

simple and secure login system using the j_security_check method

  Asked By: Pedro    Date: Dec 27    Category: Java    Views: 7001
  

Does anyone have a simple and secure login system using the
j_security_check method?
I would be thankful to have one sample from you!

Share: 

 

2 Answers Found

 
Answer #1    Answered By: Corey Brown     Answered On: Dec 27

it has two approach:
1-without having password with session.
2-with having password with session.
if you choose 1 ,you could see following sample:
1-create security-domain in jboss/server/default/conf/login-config.xml , for example:


<application-policy name="LdapToActiveDirectory">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required" >
<module-option name="java.naming.provider.url">ldap://opxiAppServer.cc.basamad.acc:389/</module-option>
<module-option name="rolesCtxDN">ou=opxi,dc=cc,dc=basamad,dc=acc</module-option>
<module-option name="matchOnUserDN">false</module-option>
<module-option name="principalDNSuffix">@cc.basamad.acc</module-option>
<module-option name="uidAttributeID">sAMAccountName</module-option>
<module-option name="roleAttributeID">memberOf</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="multi-threaded">true</module-option>
</login-module>
</authentication>
</application-policy>

and add this line to ./WEB-INF/jboss-web.xml, for example:

<jboss-web>
<security-domain>java:/jaas/LdapToActiveDirectory</security-domain>
<context-root>/opxi-manager</context-root>
</jboss-web>

and then make your login  page, for example:

<form action="j_security_check" method="post">
<input type="text" name="j_username">
<input type="password" name="j_password">
<input type="submit" value="submit it">
</form>

and it is over

but if you wanna 2, you should implement loginModule for login to your system.

 
Answer #2    Answered By: Fred Hicks     Answered On: Dec 27

This is not the place to put such code samples. The application sample
depends on which servlet container you're running.
I recommend you to read
java.sun.com/.../Security5.html
and look for your specific environment configuration (e.g. Tomcat) to
deploy your "simple and secure  login system."

 




Tagged: