Previous Topic

Next Topic

Book Contents

Book Index
HTTP Login Servlet Requests Guide

Information about the supported requests by login servlet in HTTP server in order to create custom login page.

Supported Requests

Request URI

Request Method

Parameters

Parameter Description

Response Code

Response Body

Response Headers

Session Properties

Description

system/http/login

GET

none

none

200

The content of the login.html page, taken from:

  1. /resext/ folder in the bundle classpath
  2. /osgi/runtime/osgi/www/custompages/ on the file system

none

Added if missing: DefaultHttpContext.RedirectPage=/

Requests the login page.

POST

String: u
String: p
String: r
Integer: e

u - the user name
p – the password
r – optional remember-me flag;
if present, remember-me is used
e – optional; sets the time in which
the session expires if the user is inactive

302

none

Location=/or the last requested URI (except for AJAX requests) – taken from the DefaultHttpContext.RedirectPage session property – If remember-me flag is used: cookie with name mbs.http.login.auto

– Added:
org.osgi.service.http.authentication.remote.user=user_name
org.osgi.service.useradmin.authorization=authorization_object

– Removed:
DefaultHttpContext.RedirectPage

Successful login, the user is redirected to the dashboard, or to the last requested URI (not counting the AJAX requests).

POST

String: u
String: p
String: r
Integer: e

u – the user name
p – the password
r – optional remember-me flag;
if present, remember-me is used
e – optional; sets the time in which
the session expires if the user is inactive

401

The content of the 401 html page, taken from:

  1. /resext/ folder in the bundle classpath
  2. /osgi/runtime/osgi/www/custompages/ on the file system

none
  • mbs.http.bruteforce.no_of_attempts_wo_delay=3 (default value)
  • mbs.http.bruteforce.invalid_attempt_delay_factor=2 (default value)
  • mbs.http.bruteforce.invalid_attempt_delay_time=1 (default value in seconds)
  • Number of attempts before user will be locked out
  • Factor by which the time for lockout time is increased
  • Time by for which the user will be locked out

system/http/logout

POST

none

none

200

The content of the login.html page, taken from:

  1. /resext/ folder in the bundle classpath
  2. /osgi/runtime/osgi/www/custompages/ on the file system

none

session is invalidated

Logout, session is invalidated, the client is redirected to the login page.