[Htmlunit-user] Form-based authentication using JSP/Servlet failing with incorrect credentials

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Trying to write a test for form-based authentication using
JSP/Servlet. The form looks like:

<form method="POST" action="j_security_check" name="myform">
            Username: <input type="text" name="j_username">
            Password: <input type="password" name="j_password"
autocomplete="off">
            <input type="submit" value="Submit" name="submitButton">
            <input type="reset" value="Reset">
        </form>

POSTing to a form as:

        HtmlPage page = webClient.getPage(base + "/index.jsp");
        final HtmlForm form = page.getFormByName("myform");
        form.getInputByName("j_username").setValueAttribute("u1");
        form.getInputByName("j_password").setValueAttribute("p1");
        HtmlSubmitInput submitButton = form.getInputByName("submitButton");
        HtmlPage page2 = submitButton.click();
        assertEquals("Form-based Security - Success", page2.getTitleText());

succeeds. Changing the username and password to some random value
succeeds as well.

Complete sample, including deployment descriptor, is available at:

https://github.com/javaee-samples/javaee7-samples/tree/master/servlet/security-form-based

Is this the correct way of doing form-based authentication ?

Arun

-- 
http://blog.arungupta.me
http://twitter.com/arungupta

[Htmlunit-user] Form-based authentication using JSP/Servlet failing with incorrect credentials

Java GUI-Less browser, supporting JavaScript, to run against web pages

[Htmlunit-user] Form-based authentication using JSP/Servlet failing with incorrect credentials