tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: servlet sendRedirect() to j_security_check problem
Date Wed, 03 Dec 2003 22:56:59 GMT
Hi Chris,
I don't know whether that solution would ever work. I'm sure you can't 
post straight to j_security_check. Tomcat has to be aware that someone 
is trying to access a protected resource before it will invoke the login 
procedure.

Adam

On 12/03/2003 04:15 PM Chris Ward wrote:
> Dear all,
> 
> I'm implementing "remember me" login functionality using
> FORM authentication, a LoginServlet and a Filter.
> It's very much based on the code in an earlier posting to
> this list
> 
> 	From: Raible, Matt 
> 	Subject: RE: Form based security and "Remember Me" 
> 	Date: Fri, 21 Feb 2003 07:33:22 -0800 
> 
> My set up works fine when my <FORM> uses "j_security_check" as it's
> action but using a redirect from a servlet seems to fail with
> a 403 error.  I've debugged the servlet so I know it's getting
> to it and doing what I expect.
> 
> 
> In the original mail, Matt's servlet call is...
> 
> 	- - - - - - - - - - - - - - - - - - - - - - - - - -
> 	
> 	String username =
> request.getParameter("j_username").toLowerCase();
> 	String password = request.getParameter("j_password");
> 	
> 	...
> 
> 	String req =
> 	    "j_security_check?j_username=" + 
> 			RequestUtils.encodeURL(username)
> 	    + "&j_password=" + 
> 			RequestUtils.encodeURL(password);
> 
> 	response.sendRedirect(response.encodeRedirectURL(req));
> 
> 	- - - - - - - - - - - - - - - - - - - - - - - - - -
> 
> 
> I don't have the "RequestUtils.encodeURL()" in my version.
> 
> 	a) Do I need them? - the html form seems for work
> 	   even if the password field is plain text when the
> 	   action is set to "j_security_check".
> 	b) Where do I get these methods?  Aren't they somewhere
> 	   in Struts?  Do I really have to bring down all of that
> 	   stuff?
> 
> For completeness here's my code...
> 
> 	- - - - - - - - - - - - - - - - - - - - - - - - - -
> 
>         String req =
>             "j_security_check?j_username=" + 
> 			request.getParameter("j_username")
>             + "&j_password=" + 
> 			request.getParameter("j_password");
>             
>         response.sendRedirect(response.encodeRedirectURL(req));
> 
> 	- - - - - - - - - - - - - - - - - - - - - - - - - -
> 
> Any help would be fantastic.
> 
> 
> Best regards
> Chris
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


-- 
struts 1.1 + tomcat 5.0.14 + java 1.4.2
Linux 2.4.20 RH9

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message