https://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&feed=atom&action=historySmall Talks/2009/August/Form Based Login with JAAS on JBoss and ZK - Revision history2024-03-29T15:21:03ZRevision history for this page on the wikiMediaWiki 1.35.1https://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=15843&oldid=prevSphota: /* See Also */2010-12-29T07:34:51Z<p><span dir="auto"><span class="autocomment">See Also</span></span></p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 07:34, 29 December 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l220" >Line 220:</td>
<td colspan="2" class="diff-lineno">Line 220:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[Small_Talks/2010/February/Ajax_and_ZK_Based_Login_with_JAAS_on_JBoss|Ajax and ZK Based Login with JAAS on JBoss]]</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[Small_Talks/2010/February/Ajax_and_ZK_Based_Login_with_JAAS_on_JBoss|Ajax and ZK Based Login with JAAS on JBoss]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* </div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>*[[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_III_-_Validate_Forms|Work with Legacy Web Applications, Part III - Validate Forms]]</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>*[[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_III_-_Validate_Forms|Work with Legacy Web Applications, Part III - Validate Forms]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
</table>Sphotahttps://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=12902&oldid=prevChar: /* Introduction */2010-11-30T04:07:17Z<p><span dir="auto"><span class="autocomment">Introduction</span></span></p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 04:07, 30 November 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l15" >Line 15:</td>
<td colspan="2" class="diff-lineno">Line 15:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* And maybe more control about what's going on.</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* And maybe more control about what's going on.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>I will not explain everything in detail, download the example and look into the code. The talk also continues at [[Ajax and ZK Based Login with JAAS on JBoss]].</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>I will not explain everything in detail, download the example and look into the code. The talk also continues at [[<ins class="diffchange diffchange-inline">Small_Talks/2010/February/Ajax_and_ZK_Based_Login_with_JAAS_on_JBoss|</ins>Ajax and ZK Based Login with JAAS on JBoss]].</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=JAAS and DB=</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=JAAS and DB=</div></td></tr>
</table>Charhttps://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=12901&oldid=prevChar: /* See Also */2010-11-30T04:06:33Z<p><span dir="auto"><span class="autocomment">See Also</span></span></p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 04:06, 30 November 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l219" >Line 219:</td>
<td colspan="2" class="diff-lineno">Line 219:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[Ajax and ZK Based Login with JAAS on JBoss]]</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[<ins class="diffchange diffchange-inline">Small_Talks/2010/February/Ajax_and_ZK_Based_Login_with_JAAS_on_JBoss|</ins>Ajax and ZK Based Login with JAAS on JBoss]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* </div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td></tr>
</table>Charhttps://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=12900&oldid=prevChar: /* See Also */2010-11-30T04:05:39Z<p><span dir="auto"><span class="autocomment">See Also</span></span></p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 04:05, 30 November 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l220" >Line 220:</td>
<td colspan="2" class="diff-lineno">Line 220:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=See Also=</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[Ajax and ZK Based Login with JAAS on JBoss]]</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Next part of this talk: [[Ajax and ZK Based Login with JAAS on JBoss]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [[Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [[Work with Legacy Web Applications, Part III - Validate Forms]]</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>[[<ins class="diffchange diffchange-inline">Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|</ins>Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>*[[<ins class="diffchange diffchange-inline">Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_III_-_Validate_Forms|</ins>Work with Legacy Web Applications, Part III - Validate Forms]]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>References:</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>References:</div></td></tr>
</table>Charhttps://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=12899&oldid=prevChar: /* ZK Login Form */2010-11-30T04:04:12Z<p><span dir="auto"><span class="autocomment">ZK Login Form</span></span></p>
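Review bot: In the See Also hunk of the 04:05, 30 November 2010 revision above, the new side leaves an empty bullet (`* `) and puts the Part I link on the following line, so that link falls out of the bulleted list. Put the bullet and the link on one line, as `* [[Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|Work with Legacy Web Applications, Part I - Servlets and Forms]]`, and drop the blank lines added between the list items.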
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 04:04, 30 November 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l102" >Line 102:</td>
<td colspan="2" class="diff-lineno">Line 102:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This security constrain has no <code><auth-constraint></code>, hence it allow public access for the two defined URL patterns.</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This security constrain has no <code><auth-constraint></code>, hence it allow public access for the two defined URL patterns.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Now, you have to make a HTML POST form with action <code>j_security_check</code> and input fields of names <code>j_username</code> and <code>j_password</code>. See [[Work with Legacy Web Applications, Part I - Servlets and Forms]]. For instance, the file <code>public/login.zul</code> may look like:</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Now, you have to make a HTML POST form with action <code>j_security_check</code> and input fields of names <code>j_username</code> and <code>j_password</code>. See </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>[[<ins class="diffchange diffchange-inline">Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_I_-_Servlets_and_Forms|</ins>Work with Legacy Web Applications, Part I - Servlets and Forms]]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>. For instance, the file <code>public/login.zul</code> may look like:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><source lang="javascript"></div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><source lang="javascript"></div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l144" >Line 144:</td>
<td colspan="2" class="diff-lineno">Line 146:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This code takes the advantage of the <code>ExtendedFormAuthenticator</code>, so the the HTTP session objects <code>j_username</code> and <code>j_exception</code> are present when the login has failed. Similar login form is implemented in the file <code>public/login_simple.zul</code> in the example.</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This code takes the advantage of the <code>ExtendedFormAuthenticator</code>, so the the HTTP session objects <code>j_username</code> and <code>j_exception</code> are present when the login has failed. Similar login form is implemented in the file <code>public/login_simple.zul</code> in the example.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Furthermore, before submitting the form, you may execute any code, like validate the form, see [[Work with Legacy Web Applications, Part III - Validate Forms]]. The main trick is made by the method <code>org.zkoss.zk.ui.util.Clients.submitForm(...)</code>. Instead of the input type submit button, we may use ZK button and it's onClick action:</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Furthermore, before submitting the form, you may execute any code, like validate the form, see[[<ins class="diffchange diffchange-inline">Small_Talks/2006/July/Work_with_Legacy_Web_Applications,_Part_III_-_Validate_Forms|</ins>Work with Legacy Web Applications, Part III - Validate Forms]]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>. The main trick is made by the method <code>org.zkoss.zk.ui.util.Clients.submitForm(...)</code>. Instead of the input type submit button, we may use ZK button and it's onClick action:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><source lang="xml"></div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><source lang="xml"></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><button id="b_login" label="Login"></div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><button id="b_login" label="Login"></div></td></tr>
</table>Charhttps://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=7409&oldid=prevElton776: moved Small Talks/Form Based Login with JAAS on JBoss and ZK to Small Talks/2009/August/Form Based Login with JAAS on JBoss and ZK2010-09-20T07:50:24Z<p>moved <a href="/wiki/Small_Talks/Form_Based_Login_with_JAAS_on_JBoss_and_ZK" class="mw-redirect" title="Small Talks/Form Based Login with JAAS on JBoss and ZK">Small Talks/Form Based Login with JAAS on JBoss and ZK</a> to <a href="/wiki/Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK" title="Small Talks/2009/August/Form Based Login with JAAS on JBoss and ZK">Small Talks/2009/August/Form Based Login with JAAS on JBoss and ZK</a></p>
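Review bot: In the second hunk of the 04:04, 30 November 2010 revision above (new line 146), the added line runs `see` straight into the link as `see[[`, and the sentence's full stop now starts the following line, so the rendered text loses the space before the link and gains one before the period. Keep `see [[...]].` together on one line, as the removed line had it.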
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<tr class="diff-title" lang="en">
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 07:50, 20 September 2010</td>
</tr><tr><td colspan="2" class="diff-notice" lang="en"><div class="mw-diff-empty">(No difference)</div>
</td></tr></table>Elton776https://www.zkoss.org/_w/index.php?title=Small_Talks/2009/August/Form_Based_Login_with_JAAS_on_JBoss_and_ZK&diff=5554&oldid=prevElton776: Created page with '{{Template:Smalltalk_Author| |author=[http://xmedeko.blogspot.com Ondrej Medek, Engineer, Prins Ltd.] |date=August 13, 2009 |version=ZK 3.6.2, ZK 5.0.0 CE }} =Introduction= The …'2010-09-10T06:42:39Z<p>Created page with '{{Template:Smalltalk_Author| |author=[http://xmedeko.blogspot.com Ondrej Medek, Engineer, Prins Ltd.] |date=August 13, 2009 |version=ZK 3.6.2, ZK 5.0.0 CE }} =Introduction= The …'</p>
<p><b>New page</b></p><div>{{Template:Smalltalk_Author|<br />
|author=[http://xmedeko.blogspot.com Ondrej Medek, Engineer, Prins Ltd.]<br />
|date=August 13, 2009<br />
|version=ZK 3.6.2, ZK 5.0.0 CE<br />
}}<br />
<br />
=Introduction=<br />
The talk shows how to use ZK to implement form-based login for JAAS on JBoss 5.x. I assume you know how to secure your web application using form-based login and a plain HTML or JSP form. If not, then first have a look at the JBoss Wiki<ref>http://www.jboss.org/community/wiki/SecureAWebApplicationUsingACustomForm</ref> or other resources.<br />
<br />
When you use ZK, you can still use a plain HTML (or JSP) login form with the action <code>j_security_check</code> and the input fields <code>j_username</code> and <code>j_password</code>. However, when developing the login form, you may also want to:<br />
* Have only one login page, not a login page and an error page.<br />
* Validate the user input (for non-null values) before performing the login.<br />
* Inform the user why the login failed.<br />
* Have the login form with the same look&feel as the rest of your ZK application.<br />
* And maybe have more control over what's going on.<br />
<br />
I will not explain everything in detail; download the example and look into the code. The talk also continues at [[Ajax and ZK Based Login with JAAS on JBoss]].<br />
<br />
=JAAS and DB=<br />
JAAS is flexible in how the user is authenticated. JBoss provides several so-called login modules. Usually, you need to check the username and password against the database, so we will use <code>org.jboss.security.auth.spi.DatabaseServerLoginModule</code>. The login module may be configured site-wide in <code>conf/login-config.xml</code>, but I prefer to have the configuration packed into my deployment EAR or WAR. In JBoss, starting from 5.x, this is easy. Just create a file named <code>xxx-jboss-beans.xml</code> (e.g. <code>login-jboss-beans.xml</code>) in the <code>META-INF</code> directory of your EAR (or META-INF in the EJB module, or WEB-INF of WAR):<br />
<source lang="xml"><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<br />
<deployment xmlns="urn:jboss:bean-deployer:2.0"><br />
<application-policy xmlns="urn:jboss:security-beans:1.0" name="zkformlogin"><br />
<authentication><br />
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"<br />
flag="required"><br />
<!-- <module-option name="hashAlgorithm">MD5</module-option> BASE64 also possible--><br />
<!-- <module-option name="unauthenticatedIdentity">guest</module-option> --><br />
<module-option name="dsJndiName">java:/DefaultDS</module-option><br />
<module-option name="principalsQuery">SELECT password FROM User WHERE username=?</module-option><br />
<module-option name="rolesQuery">SELECT role, 'Roles' FROM UserRoles, User WHERE User.username=? AND User.id = UserRoles.user_id</module-option><br />
</login-module><br />
</authentication><br />
</application-policy><br />
</deployment><br />
</source><br />
<br />
The example uses the data source bound to <code>java:/DefaultDS</code> and assumes that there are tables <code>User</code> and <code>UserRoles</code> in the DB. In the element <code>rolesQuery</code> the string <code>'Roles'</code> is the role group -- the role group <code>'Roles'</code> is the same for all users in the example. You may easily extend the DB schema to contain different role groups as well (i.e. one more column in the table <code>UserRoles</code>).<br />
<br />
Note, for JBoss 4.x this mechanism does not work, but you may use dynamic login config <ref>http://www.jboss.org/community/wiki/DynamicLoginConfig</ref> instead.<br />
<br />
The username of the logged-in user may be accessed:<br />
* By the HTTP servlet request. <code>javax.servlet.http.HttpServletRequest.getRemoteUser()</code> returns the username and the user role may be checked by <code>javax.servlet.http.HttpServletRequest.isUserInRole(String role)</code>.<br />
* By the session context in a session bean. <code>javax.ejb.SessionContext.getCallerPrincipal().getName()</code> returns the username and the user role may be checked by <code>javax.ejb.SessionContext.isCallerInRole(String role)</code>.<br />
<br />
However, one usually needs more information from the DB about the logged-in user, like the real name, email, etc. Also, I usually do not access the DB directly; I like to use JPA/Hibernate. So I have made two entities, <code>User</code> and <code>UserRoles</code>, to access the information about the user in the DB, and the session bean <code>UserDao</code>, which can get the User object for the currently logged-in user. The class <code>Identity</code> provides a simplified way to access the user information from <code>UserDao</code> and stores it in the HTTP session; see the example code.<br />
<br />
JBoss JAAS uses the ThreadLocal class, so it does not work when it is accessed by a thread other than the one processing the request. For ZK, the best solution is to disable the event thread. It is disabled by default in ZK 5. For ZK 3, disable it by adding to your <code>zk.xml</code>:<br />
<source lang="xml"><br />
<system-config><br />
<disable-event-thread /><br />
</system-config><br />
</source><br />
<br />
=ZK Login Form =<br />
<br />
In addition to the standard form login, the JBoss guys have made a nice class, <code>org.jboss.web.tomcat.security.ExtendedFormAuthenticator</code>, which puts the username (under the key <code>j_username</code>) and the exception (under the key <code>j_exception</code>) into the HTTP session when the login fails. Thus, one can:<br />
* make the same page for the login and error page,<br />
* analyse, why the login has failed,<br />
* and prefill the username into the input field if the login has failed.<br />
<br />
To use this <code>ExtendedFormAuthenticator</code>, just make a file <code>WEB-INF/context.xml</code>:<br />
<br />
<source lang="xml"><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<Context cookies="true" crossContext="false"><br />
<Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator"<br />
includePassword="false" ></Valve><br />
</Context><br />
</source><br />
<br />
Then, the form login in <code>web.xml</code> may be:<br />
<br />
<source lang="xml"><br />
<login-config><br />
<auth-method>FORM</auth-method><br />
<realm-name>ZK Form Login Demo</realm-name><br />
<form-login-config><br />
<form-login-page>/public/login.zul</form-login-page><br />
<form-error-page>/public/login.zul</form-error-page><br />
</form-login-config><br />
</login-config><br />
</source><br />
<br />
To use the ZK look&feel, just allow public access to the URI <code>update-uri</code> of the <code>org.zkoss.zk.ui.http.DHtmlLayoutServlet</code> servlet. Usually, it is <code>/zkau/*</code> URI. Hence, my <code>web.xml</code> contains:<br />
<source lang="xml"><br />
<security-constraint><br />
<display-name>Zkau and Public Unprotected</display-name><br />
<web-resource-collection><br />
<web-resource-name>HtmlAdaptor</web-resource-name><br />
<description>Exclude Zkau and Public</description><br />
<url-pattern>/zkau/*</url-pattern><br />
<url-pattern>/public/*</url-pattern><br />
</web-resource-collection><br />
<user-data-constraint><br />
<transport-guarantee>NONE</transport-guarantee><br />
</user-data-constraint><br />
</security-constraint><br />
</source><br />
This security constraint has no <code><auth-constraint></code>, hence it allows public access to the two defined URL patterns.<br />
<br />
Now, you have to make an HTML POST form with the action <code>j_security_check</code> and input fields named <code>j_username</code> and <code>j_password</code>. See [[Work with Legacy Web Applications, Part I - Servlets and Forms]]. For instance, the file <code>public/login.zul</code> may look like:<br />
<br />
<source lang="xml"><br />
<window title="ZK Form Login Demo" width="400px" position="center,center" border="normal" xmlns:h="http://www.w3.org/1999/xhtml"><br />
<zscript><![CDATA[<br />
// parse the j_exception<br />
Throwable j_exception = (Throwable) sessionScope.get("j_exception");<br />
String errMsg = null;<br />
if (j_exception != null) {<br />
if (j_exception instanceof javax.security.auth.login.FailedLoginException) {<br />
errMsg = "Username and/or the password is not right. Please, try it again.";<br />
} else {<br />
errMsg = "Unknown exception when logging in: " + this.j_exception + " Please, contact the admin.";<br />
}<br />
}<br />
]]></zscript><br />
<h:form method="post" id="j_security_check" action="j_security_check"><br />
<grid><br />
<rows><br />
<row><br />
Username :<br />
<textbox id="j_username" name="j_username" value="${sessionScope.j_username}" width="200px" /><br />
</row><br />
<row><br />
Password :<br />
<textbox id="j_password" name="j_password" type="password" width="200px" /><br />
</row><br />
</rows><br />
</grid><br />
<div width="100%"><br />
<h:input type="submit" value="Login" /><br />
</div><br />
</h:form><br />
<div if="${errMsg != null}" width="100%" style="color:red">${errMsg}</div><br />
<zscript><![CDATA[<br />
j_username.focus();<br />
]]></zscript><br />
</window><br />
</source><br />
<br />
This code takes advantage of the <code>ExtendedFormAuthenticator</code>, so the HTTP session objects <code>j_username</code> and <code>j_exception</code> are present when the login has failed. A similar login form is implemented in the file <code>public/login_simple.zul</code> in the example.<br />
<br />
Furthermore, before submitting the form, you may execute any code, for example to validate the form; see [[Work with Legacy Web Applications, Part III - Validate Forms]]. The main trick is done by the method <code>org.zkoss.zk.ui.util.Clients.submitForm(...)</code>. Instead of the input type submit button, we may use a ZK button and its onClick action:<br />
<source lang="xml"><br />
<button id="b_login" label="Login"><br />
<attribute name="onClick"><br />
// just to perform constraints checks<br />
j_username.getValue();<br />
j_password.getValue();<br />
// submit the form<br />
Clients.submitForm(j_security_check);<br />
</attribute><br />
</button><br />
</source><br />
<br />
To logout, just invalidate the HTTP session. See the file <code>public/logout.zul</code> in the example.<br />
<br />
=More Tricks=<br />
You can execute any code before sending the form by <code>Clients.submitForm(j_security_check)</code>. E.g. you may store some more data in the HTTP session (like a "remember me" checkbox value). You may even access the DB and check by yourself whether the login is going to succeed. In this case, you do not need <code>org.jboss.security.auth.spi.DatabaseServerLoginModule</code>; you may be happy with just <code>org.jboss.security.auth.spi.SimpleServerLoginModule</code>, <code>org.jboss.security.auth.spi.AnonLoginModule</code> or the other ones. (Just take care that your code and configuration have no security holes, such as SQL injection.)<br />
<br />
The login page does not need to be specified in the <code>web.xml</code>. You may do <code>Clients.submitForm(j_security_check)</code> on other pages too, e.g. on a registration page.<br />
<br />
=== Redirect Time-Out to the Login Page ===<br />
When the session times out, you may like to redirect the user to the login page and show a message explaining what has happened. Configure your <code>zk.xml</code>:<br />
<br />
<source lang="xml"><br />
<session-config><br />
<device-type>ajax</device-type><br />
<timeout-uri>/?tmout=1</timeout-uri><br />
<automatic-timeout/><br />
<!-- Make a Timer to send keep-alive. --><br />
<!-- <timer-keep-alive>true</timer-keep-alive> --><br />
</session-config><br />
</source><br />
<br />
The browser is then redirected to the root page of the application, which is secured. Hence the web container shows the login page with the parameter <code>?tmout=1</code>. You can check this parameter e.g. by:<br />
<source lang="java"><br />
final boolean timeout = "1".equals(Executions.getCurrent().getParameter("tmout"));</source><br />
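<br />
The two checks above (the <code>j_exception</code> session attribute and the <code>tmout</code> parameter) can be combined into one helper that decides what the login page shows. This is an added example, not code from the talk or its download: the class name <code>LoginMessages</code> and the message texts are hypothetical, and it assumes the session attributes are available as a mutable <code>Map</code> (as <code>sessionScope</code> is in a zscript).<br />

```java
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

/** Hypothetical helper, not part of the downloadable example. */
public class LoginMessages {
    private static final Logger LOG = Logger.getLogger(LoginMessages.class.getName());

    static final String BAD_CREDENTIALS = "Username and/or password is not right. Please try again.";
    static final String UNAVAILABLE = "Login is not possible right now. Please contact the admin.";
    static final String TIMED_OUT = "Your session has timed out. Please log in again.";

    /**
     * Returns the message to show on the login page, or null if there is none.
     * sessionScope: the HTTP session attributes; tmout: the "tmout" request parameter.
     */
    public static String forLoginPage(Map<String, Object> sessionScope, String tmout) {
        // Consume j_exception so that a page reload does not repeat a stale error.
        Object failure = sessionScope.remove("j_exception");
        if (failure instanceof LoginException) {
            // One text for every JAAS failure (wrong password, unknown user, locked
            // account), so the page does not reveal which usernames exist.
            return BAD_CREDENTIALS;
        }
        if (failure instanceof Throwable) {
            // Class names, SQL errors and stack traces go to the server log only.
            LOG.log(Level.WARNING, "Unexpected login failure", (Throwable) failure);
            return UNAVAILABLE;
        }
        // The request parameter is only compared, never echoed into the page.
        return "1".equals(tmout) ? TIMED_OUT : null;
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<String, Object>(); // constructed sample data
        session.put("j_username", "demo");
        // Case 1: failed login, then a reload of the same page.
        session.put("j_exception", new FailedLoginException("constructed"));
        System.out.println(forLoginPage(session, null));
        System.out.println(forLoginPage(session, null));
        // Case 2: redirect after session timeout, no login failure.
        System.out.println(forLoginPage(session, "1"));
        // Case 3: non-JAAS failure stored by the authenticator.
        session.put("j_exception", new IllegalStateException("constructed: data source down"));
        System.out.println(forLoginPage(session, "1"));
    }
}
```

In <code>login.zul</code> the result would be assigned to <code>errMsg</code> in place of the inline <code>instanceof</code> checks.<br />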
<br />
=== Caching the JAAS Credentials ===<br />
When you allow the user to change credentials (usually the username and password, depending on your JAAS configuration) within the web application, you may see <code>javax.ejb.EJBAccessException</code>, because JAAS tries to authenticate the request with the old credentials. In that case, it is wise to add <code>flushOnSessionInvalidation</code> to <code>WEB-INF/jboss-web.xml</code>:<br />
<source lang="xml"><br />
<jboss-web><br />
<security-domain flushOnSessionInvalidation="true">java:/jaas/zkformlogin</security-domain><br />
</jboss-web><br />
</source><br />
See [http://community.jboss.org/wiki/CachingLoginCredentials CachingLoginCredentials in JBoss Wiki].<br />
<br />
=Example=<br />
The example (download below) uses the data source <code>java:/DefaultDS</code>, which should be the HSQL database. Also, <code>hibernate.hbm2ddl.auto</code> is set to <code>create-drop</code>, so the database tables are dropped and created during the deployment. '''Beware!''' It may destroy your data! Do not use it if your <code>java:/DefaultDS</code> points to a DB with any precious data! The example has been tested with JBoss 5.1.0GA and ZK5.0.0 (ZK3.6.2, too). I have also removed some ZK libraries not required for this demo, so you get a few warnings during deployment.<br />
<br />
You can login as demo:demo, or admin:admin. After the login, you can go to the page <code>/admin.zul</code>. Every user is allowed to access this page, but for non-admin users it throws an error, because it uses the secured session bean method <code>UserDao.getAllUsers()</code>. The page <code>/admin/admin.zul</code> is exactly the same, but the access to it is restricted in <code>web.xml</code> only for admin users.<br />
<br />
You may try to switch <code>public/login.zul</code> for <code>public/login_simple.zul</code> in a <code><form-login-page></code> element of <code>web.xml</code>.<br />
<br />
Tomcat adds a "Cache-Control: no-cache" HTTP response header to every request for an authenticated resource. To enable browser caching, set the <code>disableProxyCaching="false"</code> attribute on the <code>Valve</code> element in <code>context.xml</code>:<br />
<br />
<source lang="xml"><br />
<Context cookies="true" crossContext="false"><br />
<Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator"<br />
includePassword="false" disableProxyCaching="false"></Valve><br />
</Context></source><br />
<br />
=Download=<br />
<br />
[https://sourceforge.net/projects/zkforge/files/Small%20Talks/Ajax%20and%20ZK%20Based%20Login%20with%20JAAS%20on%20JBoss/zkformlogin-5-ear.ear/download zkformlogin-5-ear.ear]<br />
<br />
[https://sourceforge.net/projects/zkforge/files/Small%20Talks/Form%20Based%20Login%20with%20JAAS%20on%20JBoss%20and%20ZK/zkformlogin-ear.ear/download zkformlogin-ear.ear] - the older one with ZK3.6.2 <br />
<br />
=Summary=<br />
<br />
You can use ZK elements in a form-based JAAS login and you can execute your code before the login form is submitted. JAAS restricts the access to your web application and session beans. However, the AJAX calls are not secured: anyone can access the <code>/zkau/*</code> URI. This should not be a problem, because a potential malicious user has no valid session.<br />
<br />
=See Also=<br />
* Next part of this talk: [[Ajax and ZK Based Login with JAAS on JBoss]]<br />
* [[Work with Legacy Web Applications, Part I - Servlets and Forms]]<br />
* [[Work with Legacy Web Applications, Part III - Validate Forms]]<br />
<br />
References:<br />
<references/><br />
<comment>http://docs.zkoss.org/wiki/Form_Based_Login_with_JAAS_on_JBoss_and_ZK</comment></div>Elton776