tags:

views:

10

answers:

1

Is it possible to get JBoss 5.x to secure webpages, forcing a login validated against users and passwords in a database without writing your own implementation, just configuring what already exists?

It is? At the moment I flat out don't believe you, prove it!

A: 

JBoss 5 is bundled with tomcat 5.5. To configure the available implementation follow the DataSourceRealm Documentation this shows how to configure the server side.

Besides that you need add security-constraints (to define which pages should be protected) to your applications web.xml as described here. When you request a protected page from the server the request will automatically redirected to the login page and only if the user succseeds to authenticate the protected page will be delivered. (the input fields of the login-page need to have defined names like j_user).

stacker