tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Ward" <cw...@horizon-asset.co.uk>
Subject servlet sendRedirect() to j_security_check problem
Date Wed, 03 Dec 2003 15:15:48 GMT

Dear all,

I'm implementing "remember me" login functionality using
FORM authentication, a LoginServlet and a Filter.
It's very much based on the code in an earlier posting to
this list

	From: Raible, Matt 
	Subject: RE: Form based security and "Remember Me" 
	Date: Fri, 21 Feb 2003 07:33:22 -0800 

My set up works fine when my <FORM> uses "j_security_check" as it's
action but using a redirect from a servlet seems to fail with
a 403 error.  I've debugged the servlet so I know it's getting
to it and doing what I expect.


In the original mail, Matt's servlet call is...

	- - - - - - - - - - - - - - - - - - - - - - - - - -
	
	String username =
request.getParameter("j_username").toLowerCase();
	String password = request.getParameter("j_password");
	
	...

	String req =
	    "j_security_check?j_username=" + 
			RequestUtils.encodeURL(username)
	    + "&j_password=" + 
			RequestUtils.encodeURL(password);

	response.sendRedirect(response.encodeRedirectURL(req));

	- - - - - - - - - - - - - - - - - - - - - - - - - -


I don't have the "RequestUtils.encodeURL()" in my version.

	a) Do I need them? - the html form seems for work
	   even if the password field is plain text when the
	   action is set to "j_security_check".
	b) Where do I get these methods?  Aren't they somewhere
	   in Struts?  Do I really have to bring down all of that
	   stuff?

For completeness here's my code...

	- - - - - - - - - - - - - - - - - - - - - - - - - -

        String req =
            "j_security_check?j_username=" + 
			request.getParameter("j_username")
            + "&j_password=" + 
			request.getParameter("j_password");
            
        response.sendRedirect(response.encodeRedirectURL(req));

	- - - - - - - - - - - - - - - - - - - - - - - - - -

Any help would be fantastic.


Best regards
Chris


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message