JDBC Realm Form Authentication How To [duplicate]

This question already has answers here: 开发者_如何学JAVA Closed 11 years ago.

Possible Duplicate:

JDBC Realm Login Page

Hello to all, i would like to create an application login feature which bundled with jdbc realm and with custom login form(Form based authentication login constraint method).

Please provide a link or any help is greatly appreciated.

Please help.

Thanks.

---

What kind of container are you using?jBoss?Tomcat?Derby?
You also need to make use of persistent storage -> yes DBMS is needed. Which one will it be?MySQL?Sysbase?Oracle PL/SQL?MS SQL?

Documentation is available here for starters:
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JDBCRealm

In general you need to have a DB backend, a JDBC-ODBC driver (jar) and a container to do the authentication for you.

However, I'll provide you with some guidance and insight to help you in case you are stuck.

Assuming you are using Tomcat 7.0+ and MySQL 5.5 follow the steps here:
It may seem tedious at first but it quite simple actually.
First install MySQL or what other DBMS you want. One of the most critical things here is to name and register a MySQL service that the installer will automatically do it for you*.Try to connect to the database**.
When you successfully do that change the username(root) and password("") of the default DBMS privileged user.
Create a project schema.
Create 2 tables in the schema named 'users' and 'rights'.
The first table(users) must have two columns:username and password.
The second one(rights) must also have two columns:username and role.
For starters leave both tables blank.

Now you have to edit the tomcat-users.xml and server.xml that reside in tomcat's Catalina (aka home) conf(iguration) directory.
tomcat-users.xml: This file contains roles that are recognisable by tomcat. So, you will need to add at least one such role such as 'client', 'customer', 'unauthenticated' e.t.c.
In addition, there is at least one tomcat username and password instance in this file that is used when you launch tomcat manually or as a service or via an IDE. That instance needs to be inserted in the database so you need to add it manually (SQL code) in order for the container to authenticate itself (otherwise you'll get persistent login failures form the container itself).
server.xml: Now, assuming your JDBC-ODBC driver is added to your project's classpath, comment out the UserDatabaseRealm

<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>

and add something like this inside the LockoutRealm (already exists)

<Realm className="org.apache.catalina.realm.JDBCRealm" connectionURL="jdbc:mysql://localhost:3306/SCHEMA_NAME_IN_DB?user=DB_USER;password=DB_PASS" debug="99" driverName="com.mysql.jdbc.Driver" userTable="users" userNameCol="username" userCredCol="password" userRoleTable="rights" roleNameCol="role"/>

(or not if you do not want to have a LockOutRealm -> comment it out as well then and paste the above Realm)

The SCHEMA_NAME_IN_DB, DB_USER and DB_PASS are values that you have had set when you made the schema and changed the username and password of the DBMS privileged user. Now, all you need to do is add the running tomcat's instance username and password (role:'manager-script') in the database as well as MySQL privileged user's (role:custom i.e. 'client').
Add also one or two test users for showcase and associate them with a role you've added manually in tomcat-users.xml.

Finally, you need to edit your project's web.xml file. There you need to provide these: Login Configuration, Security Roles & Security Constraints.
Login Configuration:Provide a login page and a login error page.
Security Roles: Add here the security roles that you manually added to users-tomcat.xml file and that a user must have in order to access any page by having logged in. Security Constraints:Specify what pages need authenticated access by logged in users.

Example ( weeeh! )

<security-constraint>

<display-name>URLsConstraintMechanism</display-name>
<web-resource-collection>
<web-resource-name>clientURL</web-resource-name>
<description>Required access to specified URL with client permissions </description>
<url-pattern>/securedURL/index.html</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
... (more web-resource-collections here)

<auth-constraint>
<description>Required privileges to access securely constraint URLs.</description>
<role-name>client</role-name>
</auth-constraint>

</security constraint>

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/index.html</form-login-page>
<form-error-page>/index_denied.html</form-error-page>
</form-login-config>
</login-config>

<security-role>
<description>Required privileges to access securely constraint URLs.</description>
<role-name>client</role-name>
</security-role>

This will be much easier if you use an IDE (especially NetBeans for web.xml).

Have fun!!! and good luck :D :) :D

About * and **:
There are 2 serious bugs in the installers of MySQL 5.5.
Check this URLif you need help:
https://serverfault.com/questions/214435/error-1067-the-process-terminated-unexpectedly-when-trying-to-install-mysql-on

P.S.:I'll come back tomorrow to add some hints. For now, I'm going to sleep! xD