JDBC Security Popup on Glassfish 3.1.2.2

StackOverflow https://stackoverflow.com/questions/16288007

Question

I am running a JSF application on Glassfish 3.1.2.2 with JDBC Realms authentication.

I was wondering if there was anyway that I can disable the login popup that appears whenever someone tries to access a restricted page and is not logged in and instead raise an Error 401 (which automatically redirects to my page's login page) for consistency of UX.

Was it helpful?

Solution

You'll have to set your web.xml security constraints login-config auth-method to FORM login:

 <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>You can but you are not forced to supply a realm here</realm-name>
        <form-login-config>
            <form-login-page>/login.xhtml</form-login-page>
            <form-error-page>/access-forbidden.xhtml</form-error-page>
        </form-login-config>
    </login-config>

Secure your pages like this:

<security-constraint>
    <web-resource-collection>
        <url-pattern>/index.xhtml</url-pattern>       
    </web-resource-collection>
    <auth-constraint>
        <role-name>Manager</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <role-name>Manager</role-name>
</security-role>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top