Container-based basic authentication on servlet

In our previous examples we used interfaces provided by JAAS to authenticate with loginform.jsp. The previous application had a custom login form design with authentication handled by JAAS API provided by the application server.

Getting ready

  • Create a simple web-app project
  • Create a servlet class
  • Edit the web.xml file for basic authentication
  • Add a constraint to restrict the user from accessing the servlet

How to do it...

Now, we will see the basic authentication. The container provides the login form and authenticates the user and redirects the user to the servlet after authentication is successful. There is no login form involved.

Make the following changes in the web.xml file:

<login-config>
   <auth-method>BASIC</auth-method>
<form-login-config>

Export the .war to JBoss, restart the server, and access the servlet.

How it works...

In the previous example the container decides the mechanism for authenticating the servlet by reading the web.xml file. Here the <auth-method> tag has defined BASIC as the mode of authentication. We should get a login dialog box popped up when we access the secured resource.

The following screenshots show the workflow of the implementation:

How it works...
How it works...

See also

  • The Form-based authentication on servlet recipe
  • The Form-based authentication with open LDAP and servlet recipe
  • The Hashing/Digest Authentication on servlet recipe
  • The Basic authentication for JAX-WS and JAX-RS recipe
  • The Enabling and disabling the file listing recipe
上一章目录下一章