Servlet 3.0 specifies the following methods of the HttpServletRequest interface that enable you to authenticate users for a web application programmatically:
authenticate, which allows an application to instigate authentication of the request caller by the container from within an unconstrained request context. A login dialog box displays and collects the user name and password for authentication purposes.
login, which allows an application to collect username and password information as an alternative to specifying form-based authentication in an application deployment descriptor.
logout, which allows an application to reset the caller identity of a request.
The following example code shows how to use the login and logout methods:
package test; import java.io.IOException; import java.io.PrintWriter; import java.math.BigDecimal; import javax.ejb.EJB; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @WebServlet(name="TutorialServlet", urlPatterns={"/TutorialServlet"}) public class TutorialServlet extends HttpServlet { @EJB private ConverterBean converterBean; /** * Processes requests for both HTTP <code>GET</code> * and <code>POST</code> methods. * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); try { out.println("<html>"); out.println("<head>"); out.println("<title>Servlet TutorialServlet</title>"); out.println("</head>"); out.println("<body>"); request.login("TutorialUser", "TutorialUser"); BigDecimal result = converterBean.dollarToYen(new BigDecimal("1.0")); out.println("<h1>Servlet TutorialServlet result of dollarToYen= " + result + "</h1>"); out.println("</body>"); out.println("</html>"); } catch (Exception e) { throw new ServletException(e); } finally { request.logout(); out.close(); } } }
The following example code shows how to use the authenticate method:
package com.sam.test; import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class TestServlet extends HttpServlet { protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); try { request.authenticate(response); out.println("Authenticate Successful"); } finally { out.close(); } }