Featured Posts

Hibernate 3 Annotations Tutorial This tutorial will walk through how to implement a hello world project using Hibernate Annotations and MySQL database. Requirements Download and unzip Hibernate Core...

Readmore

My DeveloperWorks: What's life like for a female Java... Just wanted to share with you my interview on Valerie's My developerWorks blog: Interview with Loiane Groner, Java developer in Brazil. I'm very happy, because this interview...

Readmore

Getting started with ExtJS in your J2EE project This tutorial will walk through how to get an Ext JS installation up and running quickly in your java (J2EE) project. Level: Basic This is the screenshot of this tutorial: First,...

Readmore

Tutorial: Getting Started with Spring Security This tutorial will cover a basic scenario where it  integrates Spring Security, using database-backed authentication, into an existing Spring web application. Spring...

Readmore

Integrating Spring Security with ExtJS Login Page This tutorial will walk through how to configure ExtJS Login form (Ajax login form) instead of default Spring Security login.jsp. Instead of using login.jsp from spring...

Readmore

Loiane Groner Rss

Spring Security: Login and Logout Form JSP

Posted on : 25-01-2010 | By : Loiane | In : Spring, Spring Security

3

When you configure spring security in your web application you can configure your login.jsp in the applicationContext-security.xml.

But how this page looks like? If you search around, you are not going to find it easily. There is many articles about how to configure spring security, but a few ones list login.jsp.

If you take a look in the spring security distribution file, you are going to find an example application, and inside it: login.jsp and logout link.

login.jsp

<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.AuthenticationException" %>

<html>
  <head>
    <title>Login</title>
  </head>

  <body>
    <h1>Login</h1>

    <c:if test="${not empty param.login_error}">
      <font color="red">
        Your login attempt was not successful, try again.<br/><br/>
        Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
      </font>
    </c:if>

    <form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
      <table>
        <tr><td>User:</td><td><input type='text' name='j_username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>

        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
      </table>
    </form>
  </body>
</html>

The names of the fields MUST remain the same or else your authentication will fail.

As far as the logout goes, all you have to do is send the user to a particular servlet define by spring-security.

logout link:

<a href="<c:url value="/j_spring_security_logout"/>">Logout</a>

That’s it!

Happy Coding!

  • Share/Bookmark

Read Full Article

Page 1 of 512345