Websphere pre-login to j_security_check

StackOverflow https://stackoverflow.com/questions/10120935

Domanda

I am using Websphere with j_security_check and I have a working login filter with CONFIDENTIAL and SSL settings. Due to some complex requirements, I need to process the j_username variable before performing j_security_check.

From one of the answers found here, it was said that this pre-login processing cannot be done. However, I noted that the previous asker was using Tomcat, while I am using Websphere. I found that there is a solution for my problem over here but it seems that everytime I try to login, I receive a "The website cannot display the page. The website has a programming error."

I tried troubleshooting by checking if the syntax was correct. Found some inconsistencies like and corrected them as best I could. However, I still keep getting the same error.

Could someone throw me in the right direction? I can provide further info but they are mostly similar to the second link. The only protected folder is in \protected\ and the .java servlet is located in \WEB-INF\classes.

Thank you.

È stato utile?

Soluzione

In case anyone is interested, the results are here:

For \WEB-INF\web.xml

<filter id="Filter_1">
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.myloginfilter.MyLoginFilter</filter-class>
    <description>Performs pre-login operation</description>
</filter>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/j_security_check</url-pattern>
</filter-mapping>

For \WEB-INF\classes\com\myloginfilter\MyLoginFilter.class

    public class MyLoginFilter implements Filter {

    protected FilterConfig filterConfig;

    public void init(FilterConfig filterConfig) throws ServletException {
       this.filterConfig = filterConfig;
    }

    public void destroy() {
       this.filterConfig = null;
    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException {
        chain.doFilter(new MyRequestWrapper((HttpServletRequest) request), response);
    }

    public static class MyRequestWrapper extends HttpServletRequestWrapper {

        public MyRequestWrapper(HttpServletRequest request) {
            super(request);
        }

        @Override
        public String getParameter(String name) {
            String username= getRequest().getParameter("j_username");

            if ("j_password".equals(name) && "admin".equals(username)) {
                username = "administrator";
                return username;
            }
            return super.getParameter(name);
        }
    }
}

To compile it, use Javac with the command:

javac -cp servlet-api-2.3.jar MyLoginFilter.class
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top