tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: j_security_check gets a 404 error
Date Thu, 04 Sep 2003 05:36:38 GMT
You need to add j_security_check to the URIs that get passed to Tomcat.  I
don't use Jk2 myself, but if your version is recent enough, I believe that
you can even use:
   /*/j_security_check ajp13

If I'm wrong (and that doesn't work), simply put the full path to
j_security_check.

"Louise Pryor" <lists@louisepryor.com> wrote in message
news:129774157890.20030903152414@louisepryor.com...
> Hi
>
> I'm having a problem using form-based authentication. It all works
> fine with standalone Tomcat, but goes pear shaped on Apache with
> Tomcat. It seems to be the same problem that is described in
> http://www.mail-archive.com/struts-user@jakarta.apache.org/msg43091.html
> (but I think it's more a Tomcat thing than a struts thing).
>
> Basically, I'm using the securityfilter filter from
> http://www.securityfilter.org/. I have a login.jsp that submits a form
> to j_security_check in the usual way. The only trouble is that Apache
> comes back with an Apache 404 on /path-to-login.jsp/j_security_check.  It
is
> clearly not passing j_security_check through to Tomcat to handle.
>
> The URL at the top of this message suggests passing all requests
> through to Tomcat (at least I think that's what it means - it uses
> mod_jk, and I'm using mod_jk2, which I'm not totally expert at
> anyway). First, that doesn't seem to work for me, and second, although
> I could configure things that way on my local setup it's not a
> realistic option for deployment, where I'm on a shared server.
>
> The support guy at my hosting service suggested making the target of
> the form /servlet/j_security_check, which at least gets it through to
> Tomcat --- which then gives me a 404. Obviously this is right, because
> I have no servlet mapping that would pick it up.
>
> So is there a way of defining a servlet mapping (or indeed any other
> element in web.xml) that would push things through to the right place?
>
> Alternatively is there any way of doing this programmatically? Could I
> send the form into a servlet which could then forward or redirect to
> j_security_check directly, without going through Apache? If so, how?
>
> Thanks for any help on this.
>
> -- 
> Louise Pryor
> http://www.louisepryor.com




Mime
View raw message