Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 16819 invoked from network); 3 Dec 2003 15:16:53 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 3 Dec 2003 15:16:53 -0000 Received: (qmail 77934 invoked by uid 500); 3 Dec 2003 15:15:53 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 77900 invoked by uid 500); 3 Dec 2003 15:15:53 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 77838 invoked from network); 3 Dec 2003 15:15:52 -0000 Received: from unknown (HELO mail.horizon-asset.co.uk) (195.157.145.29) by daedalus.apache.org with SMTP; 3 Dec 2003 15:15:52 -0000 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Subject: servlet sendRedirect() to j_security_check problem Date: Wed, 3 Dec 2003 15:15:48 -0000 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: servlet sendRedirect() to j_security_check problem Thread-Index: AcO5sFHg0ZzxihaNTo+QYjfXaFALKw== From: "Chris Ward" To: X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Dear all, I'm implementing "remember me" login functionality using FORM authentication, a LoginServlet and a Filter. It's very much based on the code in an earlier posting to this list From: Raible, Matt=20 Subject: RE: Form based security and "Remember Me"=20 Date: Fri, 21 Feb 2003 07:33:22 -0800=20 My set up works fine when my

uses "j_security_check" as it's action but using a redirect from a servlet seems to fail with a 403 error. I've debugged the servlet so I know it's getting to it and doing what I expect. In the original mail, Matt's servlet call is... - - - - - - - - - - - - - - - - - - - - - - - - - - =09 String username =3D request.getParameter("j_username").toLowerCase(); String password =3D request.getParameter("j_password"); =09 ... String req =3D "j_security_check?j_username=3D" +=20 RequestUtils.encodeURL(username) + "&j_password=3D" +=20 RequestUtils.encodeURL(password); response.sendRedirect(response.encodeRedirectURL(req)); - - - - - - - - - - - - - - - - - - - - - - - - - - I don't have the "RequestUtils.encodeURL()" in my version. a) Do I need them? - the html form seems for work even if the password field is plain text when the action is set to "j_security_check". b) Where do I get these methods? Aren't they somewhere in Struts? Do I really have to bring down all of that stuff? For completeness here's my code... - - - - - - - - - - - - - - - - - - - - - - - - - - String req =3D "j_security_check?j_username=3D" +=20 request.getParameter("j_username") + "&j_password=3D" +=20 request.getParameter("j_password"); =20 response.sendRedirect(response.encodeRedirectURL(req)); - - - - - - - - - - - - - - - - - - - - - - - - - - Any help would be fantastic. Best regards Chris --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org