Featured Posts

ExtJS, Spring MVC 3 and Hibernate 3.5: CRUD DataGrid... This tutorial will walk through how to implement a CRUD (Create, Read, Update, Delete) DataGrid using ExtJS, Spring MVC 3 and Hibernate 3.5. What do we usually want to...

Readmore

ExtJS plugin: PagingToolbarResizer Well, this is my first ExtJS plugin. Though it is not an advanced plugin, I'm very happy and it is a big accomplishment for me! The problem: ExtJS PagingToolbar Component...

Readmore

Hibernate 3 Annotations Tutorial This tutorial will walk through how to implement a hello world project using Hibernate Annotations and MySQL database. Requirements Download and unzip Hibernate Core...

Readmore

My DeveloperWorks: What's life like for a female Java... Just wanted to share with you my interview on Valerie's My developerWorks blog: Interview with Loiane Groner, Java developer in Brazil. I'm very happy, because this interview...

Readmore

Getting started with ExtJS in your J2EE project This tutorial will walk through how to get an Ext JS installation up and running quickly in your java (J2EE) project. Level: Basic This is the screenshot of this tutorial: First,...

Readmore

Loiane Groner Rss

Spring Security: Login and Logout Form JSP

Posted on : 25-01-2010 | By : Loiane | In : Spring, Spring Security

3

When you configure spring security in your web application you can configure your login.jsp in the applicationContext-security.xml.

But how this page looks like? If you search around, you are not going to find it easily. There is many articles about how to configure spring security, but a few ones list login.jsp.

If you take a look in the spring security distribution file, you are going to find an example application, and inside it: login.jsp and logout link.

login.jsp

<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.AuthenticationException" %>

<html>
  <head>
    <title>Login</title>
  </head>

  <body>
    <h1>Login</h1>

    <c:if test="${not empty param.login_error}">
      <font color="red">
        Your login attempt was not successful, try again.<br/><br/>
        Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
      </font>
    </c:if>

    <form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
      <table>
        <tr><td>User:</td><td><input type='text' name='j_username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>

        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
      </table>
    </form>
  </body>
</html>

The names of the fields MUST remain the same or else your authentication will fail.

As far as the logout goes, all you have to do is send the user to a particular servlet define by spring-security.

logout link:

<a href="<c:url value="/j_spring_security_logout"/>">Logout</a>

That’s it!

Happy Coding!

Read Full Article

Page 7 of 8« First...45678