Servlet Security question about j_security_check, j_username and j_password

Posted by Nitesh Panchal on Stack Overflow See other posts from Stack Overflow or by Nitesh Panchal
Published on 2010-03-19T16:08:38Z Indexed on 2010/03/19 16:11 UTC
Read the original article Hit count: 253

Filed under:

Hello, I used jdbcRealm in my web application and it's working fine. I defined all constraints also in my web.xml. Like all pages of url pattern /Admin/* should be accessed by only admin. I have a login form with uses standard j_security_check, j_username and j_password.

Now, when i type Admin/home.jsf it rightly redirects me login.jsf and there when i type the password i am redirected to home.jsf. This works alright but problem comes i directly go to login.jsf and then type password and username. This time it again redirects me to login.jsf. Is there any way through which i can specify which page to go when successful login is there? I need to specify different different pages for different roles. For Admin, it is /Admin/home.jsf for general users it is /General/home.jsf because login form is shared between different type of users. Where do i specify all these things?

Secondly, i want to have a remember me checkbox at the end of login form. How do i do this? By default, it is submitted to j_security_check servlet and i have no control over its execution. Please help. This doesn't seem so hard but looks like i am missing something.

© Stack Overflow or respective owner

Related posts about java