Websphere pre-login to j_security_check
-
30-05-2021 - |
Вопрос
I am using Websphere with j_security_check and I have a working login filter with CONFIDENTIAL and SSL settings. Due to some complex requirements, I need to process the j_username variable before performing j_security_check.
From one of the answers found here, it was said that this pre-login processing cannot be done. However, I noted that the previous asker was using Tomcat, while I am using Websphere. I found that there is a solution for my problem over here but it seems that everytime I try to login, I receive a "The website cannot display the page. The website has a programming error."
I tried troubleshooting by checking if the syntax was correct. Found some inconsistencies like and corrected them as best I could. However, I still keep getting the same error.
Could someone throw me in the right direction? I can provide further info but they are mostly similar to the second link. The only protected folder is in \protected\ and the .java servlet is located in \WEB-INF\classes.
Thank you.
Решение
In case anyone is interested, the results are here:
For \WEB-INF\web.xml
<filter id="Filter_1">
<filter-name>LoginFilter</filter-name>
<filter-class>com.myloginfilter.MyLoginFilter</filter-class>
<description>Performs pre-login operation</description>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/j_security_check</url-pattern>
</filter-mapping>
For \WEB-INF\classes\com\myloginfilter\MyLoginFilter.class
public class MyLoginFilter implements Filter {
protected FilterConfig filterConfig;
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
public void destroy() {
this.filterConfig = null;
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException {
chain.doFilter(new MyRequestWrapper((HttpServletRequest) request), response);
}
public static class MyRequestWrapper extends HttpServletRequestWrapper {
public MyRequestWrapper(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String username= getRequest().getParameter("j_username");
if ("j_password".equals(name) && "admin".equals(username)) {
username = "administrator";
return username;
}
return super.getParameter(name);
}
}
}
To compile it, use Javac with the command:
javac -cp servlet-api-2.3.jar MyLoginFilter.class