Authentication#
In order to handle the authentication of a user, it is recommended to use standard authentication approaches enforced by the servlet container.Support for container-specific authentication, such as Tomcat Realms, might be developed in the future.
Legacy authentication mechanism#
This legacy authentication mechanism is described for historical purposes. However, it is recommended to use a more standard approach to authentication, such as using the authentication mechanisms of the servlet container.
Makumba has a built-in authentication mechanism which is based on checking whether specific makumba attributes are being set. In case an attribute is required when accessing the page but not set, an org.makumba.UnauthenticatedException will be thrown and the corresponding login page called.
When an org.makumba.UnauthenticatedException is thrown, Makumba will look for a login.jsp page, starting from the directory of the page accessed in the request until the root directory.
the mak:login and mak:logout tags can be used in order to set and remove Makumba attributes.