Programmatic login with servlet 3.0
0 likes1,434 views
The document describes how to implement programmatic login in Servlet 3.0. It explains that the HttpServletRequest object contains new login() and logout() methods to authenticate users. The login() method validates the username and password against the default realm, while logout() logs the user out of the current session. An example is provided using Tomcat 7 with a servlet that calls login() on successful credentials and logout() on logout.
![Abani: Programmatic login with Servlet 3.0
Share Report Abuse Next Blog» Create Blog Sign In
Abani
WEDNESDAY, MAY 2, 2012
Programmatic login with Servlet 3.0
In this blog I will describe you how we can achieve programmatic login with Servlet 3.0 compliant
JEE server or container.
The HttpServletRequest object in Servlet3 has got few new methods. Few of them are listed
below.
login(username, password) - validate the user with specified username & password
with the default realm & creates an authenticated subject in the current request. SEARCH THIS BLOG
logout() - logs out the current logged in user/subject
Search
getParts() - returns array of Multi-part objects available in the request.
getPart(field) - return the multi-part object associated with the field name
ABANI
In our case, I will use login & logout methods respectively.
The software used to illustrate the programmatic login are listed below.
NetBeans 7.1.1 ( IDE )
Tomcat 7.0.27 ( Server / Container )
Ubuntu LTS 12.04 ( OS )
I have created a dynamic web application named LoginDemo & my target runtime server is
tomcat7. The project structure looks like below.
BLOG ARCHIVE
▼ 2012 (3)
▼ May (2)
Programmatic login with Servlet 3.0
Accessing EJB methods from JSF pages
via CDI
► February (1)
► 2011 (10)
► 2010 (2)
► 2009 (2)
below. I have created two jsp pages index.jsp & myaccount.jsp. index.jsp has the login form
where I will submit my action to a servlet, where I will perform my authentication.
To authenticate the user inputs I have created a servlet named AuthServlet in my application. The
AuthServlet holds the business logic to perform login. Please see the code snippet below.
private void processLogin(HttpServletRequest request, HttpServletResponse
http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]](https://image.slidesharecdn.com/programmaticloginwithservlet3-0-120503012755-phpapp02/85/Programmatic-login-with-servlet-3-0-1-320.jpg)
![Abani: Programmatic login with Servlet 3.0
response) throws IOException, ServletException {
String username = request.getParameter("uid");
String password = request.getParameter("pwd");
RequestDispatcher rd = null;
try {
request.login(username, password);
rd = request.getRequestDispatcher("myaccount.jsp");
} catch(Exception e){
request.setAttribute("msg", "Unable to login with " + username +
"");
rd = request.getRequestDispatcher("login.jsp");
}
rd.forward(request, response);
}
The request object has login() method. which takes 2 parameters. The first one is the username &
second parameter as password. Then the login method validates the username/password with the
default realm. In case of tomcat the default realm is configured with file based tomcat-users.xml
file. which can be found under $CATALINA_HOME/conf directory.
So we have to configure few users in the tomcat-users.xml file. See below for a sample config.
Tomcat creates an authenticated subjected by matching the username/password provided with the
username password available in tomcat-users.xml file (The file based realm is the default realm in
tomcat, we can change it to LDAPRealm/JNDIRealm, JDBCRealm, JAASRealm) .
Similar to login() method, the request object has another method named logout(), which just logs
out the user from current authenticated subject. See the code below for logout functionality.
protected void processRequest(HttpServletRequest request, HttpServletResponse
response)
throws ServletException, IOException {
if ( request.getServletPath().equalsIgnoreCase("/login") ) {
processLogin(request, response);
}
else {
request.logout();
request.setAttribute("msg", "You have successfully logged out of
system");
request.getRequestDispatcher("index.jsp").forward(request,
response);
}
}
The complete code can be checked in at Google svn & can be found here. The screen shots of the
above application in running mode are given below.
http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]](https://image.slidesharecdn.com/programmaticloginwithservlet3-0-120503012755-phpapp02/85/Programmatic-login-with-servlet-3-0-2-320.jpg)
![Abani: Programmatic login with Servlet 3.0
Let me know if you find any difficulty in accessing or executing the code.
Thanks,
Abani R. Behera
Posted by abani behera at 4:17 AM
0 comments:
Post a Comment
http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]](https://image.slidesharecdn.com/programmaticloginwithservlet3-0-120503012755-phpapp02/85/Programmatic-login-with-servlet-3-0-3-320.jpg)
![Abani: Programmatic login with Servlet 3.0
Comment as: Select profile...
Select profile...
Publish Preview
Home Older Post
Subscribe to: Post Comments (Atom)
Simple template. Template images by gaffera. Powered by Blogger.
http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]](https://image.slidesharecdn.com/programmaticloginwithservlet3-0-120503012755-phpapp02/85/Programmatic-login-with-servlet-3-0-4-320.jpg)
Programmatic login with servlet 3.0
- 1. Abani: Programmatic login with Servlet 3.0 Share Report Abuse Next Blog» Create Blog Sign In Abani WEDNESDAY, MAY 2, 2012 Programmatic login with Servlet 3.0 In this blog I will describe you how we can achieve programmatic login with Servlet 3.0 compliant JEE server or container. The HttpServletRequest object in Servlet3 has got few new methods. Few of them are listed below. login(username, password) - validate the user with specified username & password with the default realm & creates an authenticated subject in the current request. SEARCH THIS BLOG logout() - logs out the current logged in user/subject Search getParts() - returns array of Multi-part objects available in the request. getPart(field) - return the multi-part object associated with the field name ABANI In our case, I will use login & logout methods respectively. The software used to illustrate the programmatic login are listed below. NetBeans 7.1.1 ( IDE ) Tomcat 7.0.27 ( Server / Container ) Ubuntu LTS 12.04 ( OS ) I have created a dynamic web application named LoginDemo & my target runtime server is tomcat7. The project structure looks like below. BLOG ARCHIVE ▼ 2012 (3) ▼ May (2) Programmatic login with Servlet 3.0 Accessing EJB methods from JSF pages via CDI ► February (1) ► 2011 (10) ► 2010 (2) ► 2009 (2) below. I have created two jsp pages index.jsp & myaccount.jsp. index.jsp has the login form where I will submit my action to a servlet, where I will perform my authentication. To authenticate the user inputs I have created a servlet named AuthServlet in my application. The AuthServlet holds the business logic to perform login. Please see the code snippet below. private void processLogin(HttpServletRequest request, HttpServletResponse http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]
- 2. Abani: Programmatic login with Servlet 3.0 response) throws IOException, ServletException { String username = request.getParameter("uid"); String password = request.getParameter("pwd"); RequestDispatcher rd = null; try { request.login(username, password); rd = request.getRequestDispatcher("myaccount.jsp"); } catch(Exception e){ request.setAttribute("msg", "Unable to login with " + username + ""); rd = request.getRequestDispatcher("login.jsp"); } rd.forward(request, response); } The request object has login() method. which takes 2 parameters. The first one is the username & second parameter as password. Then the login method validates the username/password with the default realm. In case of tomcat the default realm is configured with file based tomcat-users.xml file. which can be found under $CATALINA_HOME/conf directory. So we have to configure few users in the tomcat-users.xml file. See below for a sample config. Tomcat creates an authenticated subjected by matching the username/password provided with the username password available in tomcat-users.xml file (The file based realm is the default realm in tomcat, we can change it to LDAPRealm/JNDIRealm, JDBCRealm, JAASRealm) . Similar to login() method, the request object has another method named logout(), which just logs out the user from current authenticated subject. See the code below for logout functionality. protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if ( request.getServletPath().equalsIgnoreCase("/login") ) { processLogin(request, response); } else { request.logout(); request.setAttribute("msg", "You have successfully logged out of system"); request.getRequestDispatcher("index.jsp").forward(request, response); } } The complete code can be checked in at Google svn & can be found here. The screen shots of the above application in running mode are given below. http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]
- 3. Abani: Programmatic login with Servlet 3.0 Let me know if you find any difficulty in accessing or executing the code. Thanks, Abani R. Behera Posted by abani behera at 4:17 AM 0 comments: Post a Comment http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]
- 4. Abani: Programmatic login with Servlet 3.0 Comment as: Select profile... Select profile... Publish Preview Home Older Post Subscribe to: Post Comments (Atom) Simple template. Template images by gaffera. Powered by Blogger. http://abani-behera.blogspot.in/2012/05/programmatic-login-in-servlet-30.html[03-05-2012 11:54:55]