tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Roberts <techi...@ait-web.com>
Subject Re: Pb Form authentication
Date Wed, 23 Jul 2003 18:22:40 GMT
Here is your problem.

You can't do this.  You are navigating directly to "login.jsp".

<a href='<%= response.encodeURL("login.jsp") %>'>again</a>.

Rick

v.siguier wrote:
> I am agree with you but I don't try to access directly to login.jsp, I call the site
presentation page index.jsp.
> Following are my to authentication jsp pages :
> 
> Login.jsp :
> -------------
> <html>
> <head>
> <title>Login Page for Examples</title>
> <body bgcolor="white">
> <form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
>   <table border="0" cellspacing="5">
>     <tr>
>       <th align="right">Username:</th>
>       <td align="left"><input type="text" name="j_username"></td>
>     </tr>
>     <tr>
>       <th align="right">Password:</th>
>       <td align="left"><input type="password" name="j_password"></td>
>     </tr>
>     <tr>
>       <td align="right"><input type="submit" value="Log In"></td>
>       <td align="left"><input type="reset"></td>
>     </tr>
>   </table>
> </form>
> </body>
> </html>
> 
> 
> Error.jsp :
> ------------
> <html>
> <head>
> <title>Error Page For Examples</title>
> </head>
> <body bgcolor="white">
> Invalid username and/or password, please try
> <a href='<%= response.encodeURL("login.jsp") %>'>again</a>.
> </body>
> </html>
> 
> 
>>If I understand the question, then:
>>
>>It sounds like you are trying to navigate directly to "login.jsp" which your not 
>>suppose to do.
>>
>>Reason:
>>j_security_check intercepts your request and checks to see if your are currently 
>>authorized to go to that URI.  If you are then it forwards you to that location. 
>>  If you navigate directly to login.jsp, then j_security_check doesn't know 
>>where to forward you to.
>>
>>
>>v.siguier wrote:
>>
>>>Hello,
>>>
>>>I work with Tomcat 4.1.24 and I have a problem with authentication (I use DataSourceRealm)
at runtime.
>>>
>>>On login page, if I enter login - password existing in database with the rigth
role to access to the specified ressource it is OK 
>>>(the targeted page is displayed).
>>>The problem happens when I enter an existing login - password with the wrong role
: my error page is displayed and when I 
>>>click the login page link and enter an existing login - password with the rigth
role or wrong role, I have following Tomcat error 
>>>message :
>>>
>>>404 HTTP error - /context_root/jsp/j_security_check
>>>
>>>message /context_root/jsp/j_security_check
>>>description Asked ressource (/context_root/jsp/j_security_check) is not available.
>>>
>>>Does anybody know what is the problem ?
>>>Thanks for your help.
>>>
>>>Vincent
>>>
>>>
>>>------------------------------------------
>>>
>>>Faites un voeu et puis Voila ! www.voila.fr 
>>>
-- 
*******************************************
* Rick Roberts                            *
* Advanced Information Technologies, Inc. *
*******************************************


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message