InfoCenter Home > 5.4: Overview: Using programmatic and custom loginsThis section describes the use of programmatic login techniques and custom challenge capabilities in WebSphere Application Server. When applications require user to provide identifying information, the writer of the application must collect that information and authenticate the user. The work of the programmer can be broadly classified in terms of where the actual user authentication is performed:
Users can be prompted for authentication data in many ways. The challenge type configured for the application defines the mechanism used to collect this information. Programmers who want to customize login procedures, rather than relying on general-purpose devices like a 401 dialog window in a browser, can use a custom challenge to provide an application-specific HTML form for collecting login information. When Java enterprise-bean client applications require the user to provide identifying information, the writer of the application must collect that information and authenticate the user. The work of the programmer can be broadly classified in terms of where the actual user authentication is performed:
Users of Web applications can be prompted for authentication data in many ways. The login-config element in the Web application's deployment descriptor defines the mechanism used to collect this information. Programmers who want to customize login procedures, rather than relying on general-purpose devices like a 401 dialog window in a browser, can use a form based login to provide an application-specific HTML form for collecting login information. No authentication work will occur unless WebSphere security is enabled. Additionally, if you want to use the custom challenge type, you must configure security as follows (click an item to link to detailed property help for the item):
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|