tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcel Jansen" <>
Subject [TC4b5] SingleSignOn works with Basic Auth but not Forms
Date Wed, 20 Jun 2001 12:48:56 GMT

I'm running the Tomcat 4.0b5 build and am keen to use the
SingleSingOn feature. When I configure the web.xml files
to use basic authentication everything's fine but when using
Forms based authentication it will insist on authenticating every
web application.

Also, after authentication with a form
I always see http://.../j_security_check
as the URL instead of the protected URL.

I'm using a very sime servlet to authenticate (I see the same
behaviour with an HTML based example I tried):

public class Login extends HttpServlet {

    public void doGet (HttpServletRequest request, HttpServletResponse
response) {


            PrintWriter out = response.getWriter();
            out.print("<html>\r\n<body>\r\n<h1>Login page for
Websign</h1>\r\n\r\n<form method=\"POST\" action=\"j_security_check\" >\r\n
<input type=\"text\" name=\"j_username\"> \r\n <input type=\"password\"
name=\"j_password\"> \r\n \r\n <input type=\"submit\"
        catch (Exception ex) {


The web.xml files look like:

         <web-resource-name>Protected Area</web-resource-name>
	 <!-- Define the context-relative URL(s) to be protected -->
	 <!-- If you list http methods, only those methods are protected -->
         <!-- Anyone with one of the listed roles may access this area -->

    <!-- Use this for BASIC authentication -->

      <realm-name>Example Basic Authentication Area</realm-name>

    <!-- Use this for forms based authentication -->
      <realm-name>Example Form-Based Authentication Area</realm-name>

Have I configured my forms login badly? Has anybody had this
working with a non-jsp authentications form?

View raw message