NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide

Security Considerations

NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator’s Guide—596210-006

8-5

Form-Based Authentication

where, Realm_Name is the name of the Realm. For more information on Realms, see

Realms on page 8-7.

When a user attempts to access a web application that is configured for the HTTP

digest authentication, the logon page as shown in Figure 8-3 appears and the user is

prompted to enter the username and password.

Form-Based Authentication

The form-based authentication method provides a mechanism for a web application

developer to control the display of the login screen. The display of the logon page

cannot be varied using the web browser’s inbuilt authentication methods, such as

BASIC and DIGEST.

You can configure a web application for form-based authentication by setting the

auth-method in the <NSJSP_HOME>/web.xml file to FORM. The web application

deployment descriptor contains entries for a login form and an error page:

<login-config>

<auth-method>FORM</auth-method>

<form-login-config>

<form-login-page>/login.jsp</form-login-page>

<form-error-page>/login.jsp?authFailure=true

Figure 8-3. Logon Page for HTTP Digest Authentication