19.9. Configure SPNEGO Fall Back to Form Authentication

Procedure 19.2. SPNEGO security with fall back to form authentication

1. Set up SPNEGO

   Refer the procedure described in Section 19.8, “Configure Kerberos or Microsoft Active Directory Desktop SSO for Web Applications”

2. Modify web.xml

   Add a login-config element to your application and setup the login and error pages in web.xml:

   <login-config>
       <auth-method>SPNEGO</auth-method>
       <realm-name>SPNEGO</realm-name>
           <form-login-config>
               <form-login-page>/login.jsp</form-login-page>
               <form-error-page>/error.jsp</form-error-page>
           </form-login-config>
      </login-config>
   

   Copy to Clipboard Toggle word wrap

3. Add web content

   Add references of login.html and error.html to web.xml. These files are added to web application archive to the place specified in form-login-config configuration. For more information refer Enable Form-based Authentication section in the Security Guide for JBoss EAP 6. A typical login.html looks like this:

   <html>
       <head>
           <title>Vault Form Authentication</title>
       </head>
       <body>
           <h1>Vault Login Page</h1>
           <p>   
           <form method="post" action="j_security_check">
           <table>
               <tr>
                   <td>Username</td><td>-</td>
                   <td><input type="text" name="j_username"></td>
               </tr>
               <tr>
                   <td>Password</td><td>-</td>
                   <td><input type="password" name="j_password"></td>
               </tr>
               <tr>
                   <td colspan="2"><input type="submit"></td>
               </tr>              
           </table>
           </form>
           </p> 
           <hr>
       </body>
   </html>
   

   Copy to Clipboard Toggle word wrap