Jsp authentication

Hi All,
At the moment I am calling stored procedure and passing it username and password from login form. Than if login credentials are valid I set session variable called "username" to value of username from the login form.
This works just fine. the only thing is that my HTML code is cluttered with Java code. I want to be able to create a custom tag to do authentication than all I had to do would be to include that tag into every page that needs authentication. Question is: How I access session object from my tagHandler class?
Form based (container) authentication is not an option because my password is hash of username + password that user supplies. (As far as I understand containter authentication can only work if you have plain text passwords).
Your help would be highly appreciated.
Cheers,
Midrago

Please don't crosspost and proceed here http://forum.java.sun.com/thread.jspa?threadID=5190934

Similar Messages

  • Pb with 2nd Authentication using form.jsp (authentication example)

    Hi,
    I am using the example form.jsp to log on to my application. The first
    page (testsecurity.jsp) can be accessed by "everyone" and until this step everything
    goes fine, I manage to log on. From the testsecurity.jsp page there is a link
    to a jsp which can only
    be accessed by some users (I defined that in the policy file).
    Avan if I have identified myself through the form.jsp, before the 2nd page is
    displayed, I must log on again. When I give
    the same login and password as I gave for the first identification
    I can see the proper page.
    Do you have any idea about why I have to log on twice?
    Thanks
    Odile
    PS: I checked that, in the session, the attribute "javax.naming.InitialContext"
    is still present, if this has anything to do with the authentication..

    Hi,
    I am using the example form.jsp to log on to my application. The first
    page (testsecurity.jsp) can be accessed by "everyone" and until this step everything
    goes fine, I manage to log on. From the testsecurity.jsp page there is a link
    to a jsp which can only
    be accessed by some users (I defined that in the policy file).
    Avan if I have identified myself through the form.jsp, before the 2nd page is
    displayed, I must log on again. When I give
    the same login and password as I gave for the first identification
    I can see the proper page.
    Do you have any idea about why I have to log on twice?
    Thanks
    Odile
    PS: I checked that, in the session, the attribute "javax.naming.InitialContext"
    is still present, if this has anything to do with the authentication..

  • Unable to login using OAM Custom Authentication Plugin

    Hi,
    I have a problem with OAM Custom Authentication Plugin, My Plugin is Activate successfully. When try to login from Access Manager SSO login page, it is unable to login. I am getting followiing message in the log file.
    I am return ExecutionStatus.SUCCESS from my Java code and I have only one step where I have attached Plugin and my Steps Orchestration is
    On Success -> Success
    On Failure -> Failure
    On Error -> Failure
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:process_creds.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :process_creds with status fail.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:is_resource_protected.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
    INFO: Processing Event is_resource_protected
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
    INFO: Is Resource Protected status : success
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :is_resource_protected with status success.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:check_valid_session.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
    INFO: Processing Event check_valid_session
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
    INFO: Processing Event check_valid_session
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :check_valid_session with status fail.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:process_creds.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
    INFO: Successfully validated the submitted credentials.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :process_creds with status success.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:validate_creds.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
    INFO: Processing Event validate_creds
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.authn processEvent
    INFO: Policy ID : DB User Authentication Scheme
    Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Authentication Scheme Id: DB User Authentication Scheme.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Runtime Authentication Scheme: Scheme name: = DB User Authentication Scheme
    Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
    Scheme Challenge Mec: = FORM
    Scheme Challenge Par: = {contextType=default, username=string, contextValue=OAM, password=sercure_string, challenge_url=/pages/login.jsp}
    Authentication Module Name: = DB Authentication module
    Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
    INFO: Authentication Module Factory Class: DB Authentication module.
    Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
    INFO: DiagnosticUtil: enetered getDynamicPath
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector already exists, reusing existing.
    Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
    INFO: DiagnosticUtil: enetered getDynamicPath
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector: ["PluginPhaseEvent.oracle.security.am.plugin.diagnostic.PluginPhaseEvent@6d6a08fb":" Collector    : OAMS/OAM/Plugin/AUTHN/Plugin_SamplePlugin/PluginLocate
      Type     : PHASE_EVENT
      Metrics  : 511
      LogLevel : OFF
      EnableRate : false  EnablePersistence : false"], registered at runtime.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector already exists, reusing existing.
    User Name: test and Password : test
    Authentication Successfull return ExecutionStatus.SUCCESS
    Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Result of Authentication Scheme Execution: false.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :validate_creds with status fail.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:check_authn_retry.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :check_authn_retry with status success.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:cred_collect.
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
    INFO: Processing Event cred_collect
    Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
    INFO: Credential collection process success.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :cred_collect with status success.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:PBL_return.
    Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :PBL_return with status success.
    Can anyone help me regarding this issue.
    Thanks
    Tamim Khan

    Hi,
    Little update about authentication plugin, please see the log file below, Result of Authentication Scheme Execution:true, now but, still the cookie is LOGGEDOUTCONTINUE and still I am unable to login.  
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
    INFO: Cache data sync:InProcess for request -414941018507193158;
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
    INFO: Cache data sync:Success for request -414941018507193158;
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:process_creds.
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
    INFO: Successfully validated the submitted credentials.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :process_creds with status success.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:validate_creds.
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
    INFO: Processing Event validate_creds
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.authn processEvent
    INFO: Policy ID : DB Authentication Scheme
    Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Authentication Scheme Id: DB Authentication Scheme.
    Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Runtime Authentication Scheme: Scheme name: = DB Authentication Scheme
    Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
    Scheme Challenge Mec: = FORM
    Scheme Challenge Par: = {contextType=external, username=string, contextValue=/oam, password=sercure_string, challenge_url=http://192.168.1.220:14100/ssologin/ssologin.jsp}
    Authentication Module Name: = DB Authentication Module
    Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
    INFO: Authentication Module Factory Class: DB Authentication Module.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
    INFO: DiagnosticUtil: enetered getDynamicPath
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector already exists, reusing existing.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
    INFO: DiagnosticUtil: enetered getDynamicPath
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector already exists, reusing existing.
    User Name: test and Password : test
    Set 1st  Responce
    Set 2nd  Responce
    Set 3rd  Responce
    Setting cookie
    Authentication Successfull return ExecutionStatus.SUCCESS
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
    INFO: DiagnosticUtil: enetered getDynamicPath
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
    INFO: Registering collector at runtime.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
    INFO: Collector already exists, reusing existing.
    Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
    INFO: Result of Authentication Scheme Execution: true.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :validate_creds with status fail.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:check_authn_retry.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :check_authn_retry with status success.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:cred_collect.
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
    INFO: Processing Event cred_collect
    Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
    INFO: Credential collection process success.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :cred_collect with status success.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller: processing Event:PBL_return.
    Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
    INFO: Master Controller:  Event processing finished :PBL_return with status success.
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
    INFO: Cache data sync:InProcess for request -414941018507193158;
    Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
    INFO: Cache data sync:Success for request -414941018507193158;
    Can anyone help me please.
    Thanks
    Tamim Khan

  • User Authentication Failed error when trying to display a JSP portlet

    The steps carried out are as follows :
    1. Created a JSP file named "c.jsp" and deployed it under 902_MidTier_Home\j2ee\home\default-web-app\examples\jsp
    2. Created a table named USER_TABLE under Scott schema to store the usernames and passwords to validate this JSP application.
    3. Registered this JSP as an external application with the following values :
    Application Name           : RAGHU
    Login URL          : http://hostname:port/j2ee/examples/jsp/c.jsp
    User Name/ID Field Name     : username
    Password Field Name     : password
    Type of Authentication Used : POST
    3. Clicked on the External Application and entered the username as USER1 and password as USER1 ( These values are available
    under USER_TABLE for comparison ). Then it shows the message "Hi User1 .. Welcome message"
    4. Now created a directory named JSPSAMPLE under "WEB-INF\Providers" and put the provider.xml file under this.
    Created a raghu.properties file and placed it under "WEB-INF\deployment".
    5. Now tested the testpage using the URL " http://hostname:port/jpdk/providers/raghu " and it works fine.
    6. Registered this as a provider in Portal and added this portlet onto a page. Assigned this page to a newly created user.
    It gives the message " Authentication Failed - Update Login Information " which is expected. I click on the link and
    it takes me to the external application username password. I enter the credentials but this time it comes back again
    to the page with the same message " Authentication Failed - Update Login Information ".
    7. Basically the values are not passed to the Username and Password in jsp page which is why the problem occurs.
    The JSP Code used is as follows :
    <%@ page import="java.sql.*" %>
    <HTML>
    <HEAD><TITLE>DB Connectivity test</TITLE></HEAD>
    <BODY BGCOLOR="#FFFFFF">
    <CENTER>
    <B>user_table</B>
    <BR><BR>
    <%
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    Connection conn = null;
    try
    Class.forName("oracle.jdbc.driver.OracleDriver");
    conn = DriverManager.getConnection("jdbc:oracle:thin:@hostname:1521:iasdb","scott","tiger");
    Statement stmt = conn.createStatement();
    String query = "SELECT * FROM user_table where userid= '"+ username +"' and passwd = '" + password + "' " ;
    ResultSet rs = stmt.executeQuery(query);
    while(rs.next())
    out.println("<TR>");
    out.println(" <TD> hi " + rs.getString("userid") + ", welcome</TD>");
    out.println("</TR>");
    out.println("</TABLE>");
    catch(SQLException e)
    out.println("SQLException: " + e.getMessage() + "<BR>");
    while((e = e.getNextException()) != null)
    out.println(e.getMessage() + "<BR>");
    out.println("invalid userid,password");
    catch(ClassNotFoundException e)
    out.println("ClassNotFoundException: " + e.getMessage() + "<BR>");
    finally
    //Clean up resources, close the connection.
    if(conn != null)
    try
    conn.close();
    catch (Exception ignored) {}
    %>
    </CENTER>
    </BODY>
    </HTML>
    The Provider.xml file used is as follows :
    <?xml version="1.0" encoding="UTF-8"?>
    <?providerDefinition version="3.1"?>
    <provider class="oracle.portal.provider.v2.http.URLProviderDefinition">
         <providerInstanceClass>oracle.portal.provider.v2.http.URLProviderInstance</providerInstanceClass>
         <session>true</session>
         <authentication class="oracle.portal.provider.v2.security.Authentication">
              <authType>ExternalApp</authType>
              <userFieldName>username</userFieldName>
              <userPwdName>password</userPwdName>
              <errorPageMessages>Raghu,Please sign in,Sign me up!</errorPageMessages>
         </authentication>
         <portlet class="oracle.portal.provider.v2.http.URLPortletDefinition">
              <id>1</id>
              <name>RaghuPortlet</name>
              <title>Raghu Mail Portlet</title>
              <description>This portlet is to test Integration services using mail.yahoo.com</description>
              <timeout>100</timeout>
              <timeoutMessage>Raghu timed out</timeoutMessage>
              <showEdit>false</showEdit>
              <showEditDefault>false</showEditDefault>
              <showPreview>false</showPreview>
              <showDetails>false</showDetails>
              <hasHelp>false</hasHelp>
              <hasAbout>false</hasAbout>
              <acceptContentType>text/html</acceptContentType>
              <registrationPortlet>false</registrationPortlet>
              <accessControl>public</accessControl>
              <renderer class="oracle.portal.provider.v2.render.RenderManager">
                   <showPage class="oracle.portal.provider.v2.render.http.URLRenderer">
                        <pageUrl>http://172.17.24.235:8888/c.jsp</pageUrl>
                        <contentType>text/html</contentType>
                        <filter class="oracle.portal.provider.v2.render.HtmlFilter">
                             <useAuthLinks>true</useAuthLinks>
                             <headerTrimTag>&lt;table width="100%" cellpadding=0 cellspacing=0 border=0>&lt;tr>&lt;td bgcolor=#9bbad6></headerTrimTag>
                             <footerTrimTag>&lt;table width="100%" cellpadding=2 cellspacing=1>&lt;tr>&lt;td bgcolor=#9bbad6></footerTrimTag>
                             <convertTarget>true</convertTarget>
                             <redirectUrlFieldName>.done</redirectUrlFieldName>
                        </filter>
                   </showPage>
              </renderer>
              <securityManager class="oracle.portal.provider.v2.security.URLSecurityManager">
                   <authorizType>registered</authorizType>
              </securityManager>
         </portlet>
    </provider>
    The Contents of raghu.properties file
    serviceClass=oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter
    loaderClass=oracle.portal.provider.v2.http.DefaultProviderLoader
    showTestPage=true
    definition=providers/raghu/provider.xml
    autoReload=true
    Any inputs regarding why the values are passed properly in case of External Application but not so when registered as
    a portlet in Portal.
    Regards
    Satish G

    As I can see from the information posted, you are trying to
    use URL-based portlet's SSO feature, though not in a correct
    way.
    The SSO feature of URL-based portlets relie on the usage
    of Cookies as authentication tokens. For example, in the
    present context, http://hostname:port/j2ee/examples/jsp/c.jsp
    will write a cookie to the client upon successfull authentication.
    Subsequent access to the same JSP or some other JSP in the same
    workspace should be checking for the existence of this particular
    cookie at the client side and if found should not prompt for
    user information again.
    If you can fine tune your existing applications as per above
    conditions, then everything should work fine. Else you might
    want to use page parameters to pass user information.
    For more information on page parameters, please visit
    http://portalstudio.oracle.com/servlet/page?_pageid=350&_dad=ops&_schema=OPSTUDIO&12678_PDKHOME902_39847486.p_subid=249821&12678_PDKHOME902_39847486.p_sub_siteid=73&12678_PDKHOME902_39847486.p_edit=0#NEW1

  • Get current password in a basic authentication JSP

    Hello.
    I've written some JSP pages and I've protected them with BASIC authentication.
    I'd like to get the password that the user used to log in, because I need to execute a EJB method running on other server and this EJB method is also protected.
    Thanks in advance for your help
    Kind regards.

    I've just resolved it!
    Password comes in the request instance as "authorization" header coded in Base64.
    Only had to retrieve the header and decode it.

  • Authentication failed while using the function from JSP.

    I am facing a issue with the mail functionality with JAVA Mailing.The problem is that when I am running the stand alone program it is working fine but when same function is called from a JSP it gives Authentication failed Exception.I am attaching the code with the case.testMail() Is the function called from the JSP.
    Please Look in to the issue its urgent.
    import javax.mail.*;
    import javax.mail.internet.*;
    import java.util.*;
    import java.io.*;
    import javax.activation.DataHandler;
    import javax.mail.MessagingException;
    import javax.mail.internet.MimeBodyPart;
    import javax.mail.internet.MimeMessage;
    import javax.mail.internet.MimeMultipart;
    import javax.mail.internet.MimePartDataSource;
    To use this program, change values for the following three constants,
    SMTP_HOST_NAME -- Has your SMTP Host Name
    SMTP_AUTH_USER -- Has your SMTP Authentication UserName
    SMTP_AUTH_PWD -- Has your SMTP Authentication Password
    Next change values for fields
    emailMsgTxt -- Message Text for the Email
    emailSubjectTxt -- Subject for email
    emailFromAddress -- Email Address whose name will appears as "from" address
    Next change value for "emailList".
    This String array has List of all Email Addresses to Email Email needs to be sent to.
    Next to run the program, execute it as follows,
    SendMailUsingAuthentication authProg = new SendMailUsingAuthentication();
    public class SendMailUsingAuthentication
    private static final String SMTP_HOST_NAME = "host";
    private static final String SMTP_AUTH_USER = "username";
    private static final String SMTP_AUTH_PWD = "password";
    private static final String emailMsgTxt = "Test Msg";
    private static final String emailSubjectTxt = "Notification: New User created";
    private static final String emailFromAddress = "[email protected]";
    // Add List of Email address to who email needs to be sent to
    private static final String[] emailList = {"[email protected]"};
    public static void main(String args[]) throws Exception
    SendMailUsingAuthentication smtpMailSender = new SendMailUsingAuthentication();
    smtpMailSender.postMail( emailList, emailSubjectTxt, emailMsgTxt, emailFromAddress);
    System.out.println("Sucessfully Sent mail to All Users");
    public void testMail(String msgBody,String senderEmail)throws MessagingException
    try{
         String mailBody = msgBody;
         String senderEmailAdd = senderEmail;
         SendMailUsingAuthentication smtpMailSender = new SendMailUsingAuthentication();
         smtpMailSender.postMail( emailList, emailSubjectTxt, mailBody , senderEmail);
         catch(MessagingException me) {
                   //System.out.println("Mail not sent");
                   throw me;
    public void postMail( String recipients[ ], String subject,
    String message , String from) throws MessagingException
    try{
         boolean debug = false;
    //Set the host smtp address
    Properties props = System.getProperties();
    props.put("mail.smtp.host", SMTP_HOST_NAME);
    props.put("mail.smtp.auth", "true");
    Authenticator auth = new SMTPAuthenticator();
    Session session = Session.getInstance(props, auth);
    session.setDebug(debug);
    // create a message
    Message msg = new MimeMessage(session);
    // set the from and to address
    InternetAddress addressFrom = new InternetAddress(from);
    msg.setFrom(addressFrom);
    InternetAddress[] addressTo = new InternetAddress[recipients.length];
    for (int i = 0; i < recipients.length; i++)
    addressTo[i] = new InternetAddress(recipients);
    msg.setRecipients(Message.RecipientType.TO, addressTo);
    // Setting the Subject and Content Type
    msg.setSubject(subject);
    msg.setContent(message, "text/plain");
    Transport.send(msg);
         catch(MessagingException me) {
                   //System.out.println("Mail not sent");
                   throw me;
    * SimpleAuthenticator is used to do simple authentication
    * when the SMTP server requires it.
    public static class SMTPAuthenticator extends javax.mail.Authenticator
    public PasswordAuthentication getPasswordAuthentication()
    String username = SMTP_AUTH_USER;
    String password = SMTP_AUTH_PWD;
              return new PasswordAuthentication(username, password);

    Your code doesn't work in stand alone program... just little mistake!
    Miss port property :
    props.put("mail.smtp.port", "25");
    props.put("mail.smtp.starttls.enable", "true"); // tls for gmail
    AddressTo method didn' t compile :
    InternetAddress[] addressTo = new InternetAddress[recipients.length];
    for (int i = 0; i < recipients.length; i++)
         addressTo[i] = new InternetAddress((String) recipients);
    msg.setRecipients(Message.RecipientType.TO, addressTo);
    And see this post for jsp integration :
    http://forum.java.sun.com/thread.jspa?threadID=5184860&tstart=0

  • Redirect to the jsp page after user authenticated successfully  …

    Here is the requirement …
    I’m using “JAAS – Custom Login Module” for user authentication.
    I have few questions in Portal Logon process …
    1. Exactly at what point I can conclude that the user has been authenticated successfully, because I have to redirect the user to some other page for the first time logon to enter some information, subsequent logins shouldn’t be redirected. (I can update flag upon entering information).
    2. Where should I add my redirection code? Is it in my JASS Custom Login Module?
    If yes, how can I do that ? I’m more consider on “where should I add it”?
    3. Do I need to change my “UmLogonPage.jsp” to complete my requirement?
    4. Once after entering the Logon information, who will call my JASS – Custom Login Module for authentication? If authentication has failed who will return the control back to the “umLogonPage.jsp”?
    5. In my JASS Custom Login Module, I have no redirections except having logic for authentication process, and some Login Exceptions are thrown for failure logins.
    6. Who will catch these exceptions for failure logins to redirect back to the “umLogonPage.jsp”.
    7. Finally I like to know where can I add my redirection logic once the user has been authenticated successfully?
    8. last but not least can any of the experts explain the whole login process (using JASS module)? How the control goes from one component to another?
    Any kind of help is appreciated.
    Points can be awarded for useful answers.
    Thanks
    MMK

    Thanks a lot for your valuable reply.
    yes what you said was correct, storing information in R/3 System and getting the details from FM using Connector framework.
    You said i have to modify "header.jsp", can you please tell which .par file should i get to modify?
    one more question to you ... i have provide custom logon error messages to the user ... i did all the modification in logon.par and deployed in EP 6 .. working fine .. i can able to see "User ID Missing" , "Password Missing" etc ..
    when i place same peace of code in EP 7 it always displaying "User Authentication failed". can u guess what whould be the problem?
    Thanks
    MMK

  • Invoking 'active directory external authentication plug-in'  from login.jsp

    Hi
    I am using the Oracle AS 10g on Unix. We have a web application in JAVA based on OC4J Framework.
    Currently user use application url for accessing the login page, enters credentials and then the authentication is done through LDAP.
    Now we have to remove the login page from application. i.e. once user is successfully logged in Windows on his pc, and tries to access our application through it's url, he must be automatically authenticated using the credentials entered in windows and display the welcome page of application. Same as any intranet application.
    For this requirement, we have 'active directory external authentication plug-in' installed on server.
    What we need to know is how this process will work and changes required in our jsp page to invoke this plug-in and authenticate user by accessing windows-credentials automatically.
    kindly let me know

    Hi
    I am currently using NTLM to fetch the windows username and then creating an anonymous connection with the LDAP Server.
    Then i serach using the user name in ldap directory.
    NTLM is no longer required , instead we have 'active directory external authentication plug-in' installed on LDAP.
    as far as i know the plug-in will process the kerberos ticket generated by windows to automatically authenticate.

  • Authentication Using JSP

    Hi ,
    am trying to authenticate against IS6.0 through JSP.JSP is running on tomcat and am using LDAP login bean(as given in sample) and am getting the following error
    javax.security.auth.login.LoginException: Failed to create New AuthContextError while processing XML requestno protocol:
         at com.sun.identity.authentication.AuthContext.<init>(AuthContext.java:145)
         at security.loginBean.login(loginBean.java:45)
    Any ideas??
    Thanks

    Hi ,
    am trying to authenticate against IS6.0 through JSP.JSP is running on tomcat and am using LDAP login bean(as given in sample) and am getting the following error
    javax.security.auth.login.LoginException: Failed to create New AuthContextError while processing XML requestno protocol:
         at com.sun.identity.authentication.AuthContext.<init>(AuthContext.java:145)
         at security.loginBean.login(loginBean.java:45)
    Any ideas??
    Thanks

  • User Authentication using Servlet and JSp

    Hi,
    I am developing a web app where i need to implement user Authentication to allow members to view and upload files on a certain directory say /data
    For this i am using a servlet as a controller which then forwads request to other jsps/servlets based on user response. I tried using servlet mapping in web.xml so that all browser requests would be directed to controller servlet and would branch from there on. However the problem all RequestDispatcher.forward() requests redirected to the servlet putting it in a loop.
    Is there another way to achieve this. (Apart from using form-based Basic Authentication).
    I am using Resin 1.2.8 servlet/jsp container.
    Any response as soon as possible would be appreciated.
    Thanks,
    Kushagra

    RequestDispatcher.forward() cause the HTTP request to be sent through the request processing flow as if the original request for the resource being forwarded to.
    It seems the servlet mapping you are talking about in web.xml should be made more specific. i.e. the mapping should be such that only your so called controller servlet will match up.
    You might want to specify the mapping for the controller servlet to be noticeably/effectively different from the mapping for other servlets and JSPs.

  • User authentication on LDAP with JSP/Servlet

    Please help! What I need is a small Java Servlet or JSP that I can run from a web server that will allow users type in their username and password. The JSP will then authenticate the user (by trying to log onto the LDAP server as that user) and if successful will offer them the chance to change their password. If they do it will then communicate with the LDAP server as that user and change their password.
    The LDAP server I am using is the Sun(TM) ONE 5.1 directory server.

    You can use jsp's and servlets.
    Have a .jsp (i.e. login.jsp) that has 2 fields username / password and a submit button i.e.
    <form method="post" action="/servlet/LoginServlet">
    <input type="text" size="15" name="username" value="">
    <input type="password" size="15" name="password" value="">
    <input type="submit" name="Submit" value="Authenticate">
    </form>In your servlet (i.e. LoginServlet) is where you retrieve the username / password by doing something like:
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
      String username = request.getParameter("username");
      String password = request.getParameter("password"); 
    }You would now do your LDAP authentication. see http://java.sun.com/products/jndi/tutorial/ldap/security/ldap.html
    Depending on whether the authentication was successful or not you would redirect the user to an error page or to the next .jsp (i.e changePassword.jsp) where they can change their password.

  • After JDBCRealm Authentication some jsp/servlet to be executed

    Software
    JDK1.5
    jakarta-tomcat-5.5.2
    Requirement
    After the user Logins in the Server through JDBCRealm Authentication I want to
    store the user Details in the session
    I know there is something called request.getUserPrincipal().getName()But i need to store the whole companydetails in the Session
    I mean the other details
    so for this I have to write the code in all the jsp files
    Is there any better way out
    Thanks in advance
    CSJakharia

    Thanks for trying to help me
    But actually may be you did not got my requirement Clearly
    Anyway I found my answer
    We can use ServletFilter and can get the thing out
    Thanks for trying to help me
    Bye for now
    CSJakharia

  • Form Based Authentication on Tomcat with custom index.jsp page...

    Hi there ppl,
    I've got Form Based Authentication working correctly on my Tomcat server but I want to override the default generated index.jsp after successfully logging on. I've tried placing my own index.jsp in the directory that's restricted, but its only overridden by the default one when successfully logged on which displays:
    "Authentication Mechanism FORM"
    This means having to navigate by typing the url in the address bar to another page which is gets really annoying afterawhile.
    Any help on this would be much appreciated,
    thanks already

    Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Secure Area</web-resource-name>
    <url-pattern>/test/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>admin</role-name>
    </auth-constraint>      
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/test/secure/loginpage.jsp</form-login-page>
    <form-error-page>/test/secure/errorpage.jsp</form-error-page>
    </form-login-config>
    </login-config>
    When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
    "Authentication Mechanism FORM".
    Hope that makes more sense.
    I've tried restarting tomcat but it makes no difference.

  • Java authentication example  jsp

    1) season variable is builtin jsp context object, so jsp does
    not compile; season variable name needs to be renamed at lines: 31
    , 45, 52
    for my jsp I named it coco_season :)
    2) String select(String r) {// takes String
    return r.equals(role) ? "selected" : "";
    select(100) // passes int. need to pas select("100")

    Hi, when I try to run the php authentication example I get the error
    "You don't have permission to access /cnx/Flexternal.html on this server."  cnx is my folder name at http://cardcrackers.com/cnx/
    I checked the unix permissions and set them to 777 and still this message. I remember reading something about adding some entries to htaccess but not sure if it was related to running this example app or not.
    Thanks, Kevin

  • Writing Login.jsp and authenticating a user who have stored in MySql DB

    Hi Friends,
    My project requirement is: Need to write a login page must send the request to servlet is the user and password avail in mysql db, if yes servlet should forward the home page else error message. Tools i need to use is IDE=eclipse, Server = tomcat, database = MySql
    Here is source:
    pls tell me where i m wrong.
    Login.jsp
    <%@ page language="java" %>
    <html>
    <head>
    <title>Login Page</title>
    <script language = "Javascript">
    function Validate(){
    var user=document.frm.user
    var pass=document.frm.pass
    if ((user.value==null)||(user.value=="")){
    alert("Please Enter user name")
    user.focus()
    return false
    if ((pass.value==null)||(pass.value=="")){
    alert("Please Enter password")
    pass.focus()
    return false
    return true
    </script>
    </head>
    <body>
    <h1>Login
    <br>
    </h1>
    <form name="frm" action="/LoginAuthentication" method="Post" onSubmit="return Validate()" >
    Name:
    <input type="text" name="user" value=""/><br>
    Password:<input type="password" name="pass" value=""/><br>
    <br>
    <input type="submit" value="Login" />
    <input type="reset" value="forgot Password" />
    </form>
    </body>
    </html>
    Servlet Code:
    LoginAuthentication.java
    import java.io.*;
    import java.util.*;
    import java.sql.*;
    import javax.servlet.*;
    import javax.servlet.http.*;
    import java.io.IOException;
    import javax.servlet.ServletException;
    import javax.servlet.ServletContext;
    import javax.servlet.RequestDispatcher;
    import javax.servlet.http.HttpSession;
    import javax.servlet.http.HttpServlet;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.util.List;
    import java.util.ArrayList;
    public class LoginAuthentication extends HttpServlet{
    private ServletConfig config;
    public void init(ServletConfig config)
    throws ServletException{
    this.config=config;
    //public void init() {
    // Normally you would load the prices from a database.
    //ServletContext ctx = getServletContext();
    // RequestDispatcher dispatcher = ctx.getRequestDispatcher("/HomePage.jsp");
    //dispatcher.forward(req, res);
    public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException,IOException{
    PrintWriter out = response.getWriter();
    String connectionURL = "jdbc:mysql://127.0.0.1/SRAT";
    //String connectionURL = "jdbc:mysql://192.168.10.59/SRAT";
    //127.0.0.1
    //http://localhost:3306/mysql
    Connection connection=null;
    ResultSet rs;
    String userName=new String("");
    String passwrd=new String("");
    response.setContentType("text/html");
    try {
    // Load the database driver
    Class.forName("com.mysql.jdbc.Driver");
    // Get a Connection to the database
    connection = DriverManager.getConnection(connectionURL, "admin", "admin");
    //Add the data into the database
    String sql = "select user,password from login";
    Statement s = connection.createStatement();
    s.executeQuery (sql);
    rs = s.getResultSet();
    while (rs.next ()){
    userName=rs.getString("user");
    passwrd=rs.getString("password");
    rs.close ();
    s.close ();
    }catch(Exception e){
    System.out.println("Exception is ;"+e);
    if(userName.equals(request.getParameter("user"))
    && passwrd.equals(request.getParameter("pass"))){
    out.println("WELCOME "+userName);
    else{
    out.println("Please enter correct username and password");
    out.println("<a href='Login.jsp'><br>Login again</a>");
    Deployment Descriptor for TOMCAT
    web.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
    <display-name>
    SRAT</display-name>
    <welcome-file-list>
    <welcome-file>login.jsp</welcome-file>
    </welcome-file-list>
    <servlet>
    <servlet-name>LoginAuthentication</servlet-name>
    <servlet-class>LoginAuthentication</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>LoginAuthentication</servlet-name>
    <url-pattern>/LoginAuthentication</url-pattern>
    </servlet-mapping>
    </web-app>
    PLS HELP ME.
    S. Udaya Chandrika

    I too have used the same code but its giving the following error:
    HTTP Status 500 -
    type Exception report
    message
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    javax.servlet.ServletException: Wrapper cannot find servlet class Validation or a class it depends on
         org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
         org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
         org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
         org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
         org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
         java.lang.Thread.run(Unknown Source)
    root cause
    java.lang.ClassNotFoundException: Validation
         org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1387)
         org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1233)
         org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
         org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
         org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
         org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
         org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
         java.lang.Thread.run(Unknown Source)
    note The full stack trace of the root cause is available in the Apache Tomcat/6.0.18 logs.
    Apache Tomcat/6.0.18
    Please some one help??

Maybe you are looking for

  • How do I stop my Itunes purchases going to 'Cloud"? Can I turn it off and keep my music on my laptop? Thanks!!

    Well, as above! I didn't know I'd get the opportunity to write more. My internet connection is with Bt so 're-downloading' my music costs more than buying it in the first place! Thank you.

  • Refresh BPS buffer

    Hi I need to refresh the BPS buffer in my planning folder, and then read data from the cube and show in a layout. For do this I develop an exit function. This exit refresh the buffer (API_SEMBPS_REFRESH), read data from the cube (API_SEMBPS_GETDATA)

  • Importing Video help...

    I was importing video and noticed that once imported i have no sound?? Why is there no sound? Please help...i thought this would be easy... thanks, damien

  • Customer Master Reserved Fields

    Hi Experts I have a requirement where we need to use the additional data reserved fields in customer master, my question is can we change the field status of these reserved fields, if possible how. Thanks in advance.

  • Locking one program if another is running ....

    Hi experts,                I have came across a situation, before executing one program, i have to check weather other program is running or not.                Lets say I have 2 programs, program 1 and program 2. 1. If I want to run the pg 1, in for