The easiest way would be to append the date of birth to the actual j_username
(ie. with JavaScript and then manually split it in the login module.
Verifying additional parameter with j-security-check
-
18-03-2022 - |
문제
I have implemented web application login using j-security-check
which accepts parameters j_username
and j_password
for authentication with background registry. Now, I need to add date of birth as one more parameter and need to authenticate the user with this parameter too.
Is there a way to extend j-security-check to accept additional parameters? I would like to avoid performing the check in a servlet filter, if possible.
Using WebSphere V8, MyFaces JSF 2.0, Servlet 3.0, Custom database based authentication
해결책
다른 팁
Replace j_security_check
by programmatic login via HttpServletRequest#login()
.
E.g.
<h:form>
<h:inputText value="#{bean.username}" />
<h:inputSecret value="#{bean.password}" />
<h:inputText value="#{bean.birthdate}" />
<h:commandButton value="Login" action="#{bean.login}" />
</h:form>
with
public void login() {
// Do your thing with birthdate here.
// ...
// Then perform programmatic login.
try {
request.login(username, password);
// Login success. Redirect to landing page.
} catch (ServletException e) {
// Login fail. Return to login page.
}
}
This is in detail outlined in 2nd part of this answer: Performing user authentication in Java EE / JSF using j_security_check
제휴하지 않습니다 StackOverflow