Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
Troubleshooting
Research
Professional Opinions
Ask a QuestionDid You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
asked on
Hello and thanks in advance for any assitance.
I will state to begin with that this is in fact for help with my Enterprise Java Dev course. I have written a microblog application using servlets, jsp and the like. Part of that website is an administrator section 'Admin.jsp' which allows me to Add/Edit/Delete blog entries.
I need to restrict access to that JSP page by way of an HttpServletFilter which manually enforces Basic Authentication. Originally this was setup to use Tomcat's integrated Basic Authentication which worked fine, but this is just an evolution.
I know that inside the filter's doFilter method, I need to somehow create a Principal object, verify the user's supplied username/password using Base64 decoding, but from there I'm lost.
I have everything up to that point working, the whole site is good, I have the filter wired up and working correctly, but I'm simply doing nothing in the doFilter method and letting everyone in.
Finally, to the point. I'm looking specifically for just some suggestions or links on how exactly I get the browser to prompt for user/pass and how I get to those values from inside my doFilter method. I think once I have that figured out, the rest will probably be self-evident.
I will state to begin with that this is in fact for help with my Enterprise Java Dev course. I have written a microblog application using servlets, jsp and the like. Part of that website is an administrator section 'Admin.jsp' which allows me to Add/Edit/Delete blog entries.
I need to restrict access to that JSP page by way of an HttpServletFilter which manually enforces Basic Authentication. Originally this was setup to use Tomcat's integrated Basic Authentication which worked fine, but this is just an evolution.
I know that inside the filter's doFilter method, I need to somehow create a Principal object, verify the user's supplied username/password using Base64 decoding, but from there I'm lost.
I have everything up to that point working, the whole site is good, I have the filter wired up and working correctly, but I'm simply doing nothing in the doFilter method and letting everyone in.
Finally, to the point. I'm looking specifically for just some suggestions or links on how exactly I get the browser to prompt for user/pass and how I get to those values from inside my doFilter method. I think once I have that figured out, the rest will probably be self-evident.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.