ADF Security: Implicit Authentication (continued)
3. Because the adfAuthentication servlet has a J2EE security constraint on it, calling the adfAuthentication Servlet results in the J2EE container invoking the configured login mechanism.
4. Based on the container’s login configuration, the user is prompted to authenticate. The example shown in the slide uses a form-based login, so the appropriate login form is displayed. The user enters credentials and posts the form back to the container's j_security_check() method, so that the Java EE container can authenticate the user.
5. Upon successful authentication, the container redirects the user back to the adfAuthentication servlet.
6. The adfAuthentication servlet forwards the user to the requested page. If ADF Security is enforced, that resource appears if the user has access privileges.