struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ronald Rotteveel" <>
Subject [OT] Tomcat 5 + j_security_check + login-error-page
Date Fri, 06 Feb 2004 10:03:48 GMT
Hello everybody,

I am porting my application from Tomcat 4.1.29 to Tomcat 5.0.18.

I have a Struts ForwardAction mapped to "/" that produces the page
with login form.
Form based authentication is set with the following fragment of the
deployment descriptor:

<auth-method >FORM</auth-method >
<form-login-page >/</form-login-page >
<form-error-page >/</form-error-page >
</form-login-config >
</login-config >

When the servlet is called with "?error=true" query string it displays
additional warning besides the login form.

It was working perfectly in Tomcat 4.1.29 but it works in Tomcat 5.0.18 only
in half:

When user tries to access protected page he is presented with login page. If
he enters valid login/password then he receives access to the resourse.

But if the user enters invalid login/password then instead of
form-error-page Tomcat displays the right page, but within the uri it says
"j_security_check" instead of /

I have tried to set up AccessLogValve and RequestDumpValve and to set debug
attribute on every element in servlet.xml and my context.xml (where
applicable) in order to try to understand what is going on inside Tomcat 5,
but no luck so far - request damp just shows that 1) there was request to
protected resourse 2) Tomcat returned form-login-page 3) user sent it back
with invalid login/password 4) Tomcat returned to j_security_check.

I had expected that there should be output from Realm between 3) and 4) but
there is not.

So, at the moment the conclusion is that the code that worked perfectly in
Tomcat 4.1.29 doesn 't work in Tomcat 5.0.18 and i don 't know why but i
be delighted if somebody will help me to find this out :)

Thanks in advance!



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message