Custom user login form

The WebSphere® Application Server OAuth service provider includes a form login page for a user to submit a username and password. This page is used to authenticate users when they access applications that are secured by the OAuth service provider.

You can customize your own form login page, but it must be implemented as required in the form-based authentication in the servlet specification. In this form, the action must be j_security_check, and use the j_username input field to get the username. The action must also use the j_password input field to get the user password. The custom form login page must be provided as an unprotected web resource.

To use the custom form login page for a specific OAuth20 service provider, you must update the service provider definition in the server.xml file. In the provider configuration, you must add the customLoginURL attribute and specify the login page URL as the value.

The following is an example custom login page entry in the provider definition:
<oauthProvider id="OAuthConfigSample"
  customLoginURL="https://acme.com:9043/oath20/login.jsp"
  ...>