jakarta-cactus-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Barendt" <e...@danube.com>
Subject FormAuthentication problem
Date Tue, 29 Apr 2008 22:28:56 GMT
I'm working on switching our application from Basic to Form authentication.
I had Cactus working fine with:

      request.setRedirectorName("ServletRedirectorSecure");
      request.setAuthentication(new BasicAuthentication("user", "password");

I changed our web.xml from BASIC to FORM, switched the application, and that
all works fine.  Cactus, however, fails when I change the above to:

      request.setRedirectorName("ServletRedirectorSecure");
      request.setAuthentication(new FormAuthentication("user", "password");

which should work according to
http://jakarta.apache.org/cactus/writing/howto_security.html

With BasicAuthentication, everything works fine and I get this in my access
log:

127.0.0.1 - user [29/Apr/2008:14:32:48 -0500] "GET
/application/ServletRedirectorSecure?Cactus_TestMethod=testMethod&Cactus_TestClass=com.company.TestClass&Cactus_AutomaticSession=true&Cactus_Service=CALL_TEST
HTTP/1.1" 200 -
127.0.0.1 - user [29/Apr/2008:14:32:48 -0500] "GET
/application/ServletRedirectorSecure?Cactus_Service=GET_RESULTS HTTP/1.1"
200 23


With FormAuthentication, I get  "Missing service name parameter
[Cactus_Service] in HTTP request." and "Error getting test result. This
could happen for example if you're using a load-balancer."  This is what I
see in my access log:

127.0.0.1 - - [29/Apr/2008:16:50:18 -0500] "GET
/application/ServletRedirectorSecure HTTP/1.1" 200 2357
127.0.0.1 - - [29/Apr/2008:16:50:18 -0500] "POST
/application/j_security_check HTTP/1.1" 302 -
127.0.0.1 - user [29/Apr/2008:16:50:18 -0500] "GET
/application/ServletRedirectorSecure HTTP/1.1" 500 2527
127.0.0.1 - user [29/Apr/2008:16:50:18 -0500] "GET
/application/ServletRedirectorSecure?Cactus_Service=GET_RESULTS HTTP/1.1"
500 2556

It seems to be losing the http parameters when I use form auth.  Did
something change between the time the docs were written and now?  Is there a
better FormAuthentication example?

Has anybody gotten FormAuthentication to work?

Thanks,
Eric

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message