Java EE登录页面问题 [英] Java EE Login Page Problem
问题描述
我尝试编写一个登录表单,该表单将用户名和密码传递给servlet并让用户登录.
i try to code a login form which passes username and password to a servlet and let the user login.
然后,在servlet中,我
Then, in the servlet, i lo
request.login(username, password);
但是它抛出了无法验证用户身份的异常.
but it throws exception which failed to authenticate the user.
String authType = request.getAuthType();
if(authType != null) {
request.login(username, password);
}
- 我想知道如何编写一个简单的登录页面.
- request.authenticate(response)的用途是什么;
我尝试了一下,它弹出了一个无法继续进行的屏幕.
I try that and it pop out a screen which cannot be proceed anymore.
- 我尝试引用此页面 http://download.oracle. com/javaee/1.4/tutorial/doc/Security5.html ,我认为需要先配置身份验证,然后再登录并添加一些用户.
- I try to refer this page http://download.oracle.com/javaee/1.4/tutorial/doc/Security5.html which i think need to configure the authentication first before login and add some user.
请帮助.
谢谢.
推荐答案
Java EE 6教程代替.容器托管的安全性从此处开始.
The use of the HttpServletRequest#login() method indicates that you're using Servlet 3.0 which is part of Java EE 6. Yet you're reading a 7.5 years old J2EE 1.4 tutorial. I'd suggest to put that dusty tutorial aside and read the Java EE 6 tutorial instead. Container managed security starts here.
回到您的具体问题,login()将(领域配置方法 .如果您在SQL数据库中具有用户名/密码,则可能需要使用 JDBCRealm .
Back to your concrete problem, the login() will (as documented) throw an exception when the login is invalid or when the container doesn't have any Realm definied at all. Assuming that you're certain that the username/password is valid, it'll probably be the last cause. How to do it exactly depends on the servletcontainer in question. Just consult its documentation using the keyword "Realm". For example, for Tomcat 7.0 that's the Realm Configuration HOW-TO. If you have the usernames/passwords in a SQL database, you'll probably want to use the JDBCRealm.
在servlet容器级别配置了 Realm 之后,就可以按需要使用login()方法了.不要忘记按照Java EE 6教程在web.xml中添加<security-constraint>来限制对某些URL模式的访问并指定登录页面的URL.
Once you've configured a Realm at servletcontainer level, then you'll be able to use the login() method the way you want. Don't forget to add a <security-constraint> to the web.xml as per the Java EE 6 tutorial to restrict access on certain URL patterns and specify the URL of the login page.
这篇关于Java EE登录页面问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
