tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anil Paul" <>
Subject Re: Re: Problem with POST and FORM based authentication
Date Wed, 06 Feb 2002 14:49:12 GMT
Thanks for replying. I've checked this and the login page is fine.
<h4>Please login:</h4>
<form method="POST" action="j_security_check">
  <input type="text" name="j_username">
  <input type="password" name="j_password">
  <input type="submit" value="OK">

As I wrote earlier, it correctly authenticates the user but after 
authenticating, it does not forward (or redirect, whatever) to the servlet's 
POST method. Also, if I apply the contraint for GET, it is working fine.

Every thing is working fine if I use the BASIC method instread of FORM.

I suspect that it is a bug in tomcat implementation. Can somebody please 
verify it?


>This is possibly a shot in the dark. But in your login.html page
have you defined <FORM METHOD="POST"...>?
>Hope this helps.

"Anil Paul" <> on 02/02/2002 10:58:32 AM


Subject:  Problem with POST and FORM based authentication

Dear all,
I am trying to apply a security contraint on POST requests to my
servlet. I

specifed it in my web.xml as:






I defined the login config as follows:



When I send a POST request to TestServlet from the brower (by
submitting a
form), I get the login.html page as expected. However, when I submit
username/password , doGet of TestServlet is getting called instead

To be sure that my settings are all right, I changed the login-
config from
FORM to BASIC, and everything worked fine. ie., after submitting the
page, doPost of the servlet is called. So, it's only with the FORM
authentication that there is a problem.

I also tested this configuration on JRun and it also has the same
somebody please throw some light on it? May be I am not doing

Please help,

Get your FREE download of MSN Explorer at

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message