tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: FORM authentication - prevent login from popping up
Date Mon, 05 Apr 2004 07:41:22 GMT
To do a login programmatically via form-based authentication, you would 
need to watch for the login form being returned that has a submit action 
to j_security_check. You must submit that with the correct headers and 
form element parameters - j_username and j_password.

Adam

On 04/04/2004 11:20 PM Malcolm Warren wrote:
> 
> I'm switching from Basic (with SSL) to Form authentication (also with 
> SSL of course).
> 
> This has caused a problem with one particular application, which opens a 
> socket on a .jsp page, collects the html code and saves it disk. The 
> html code is then later used by a fax application to send a fax.
> 
> With Form authentication I am getting a login popping up, which since I 
> have already signed in, should be unnecessary if I provide the right 
> stuff to Tomcat.
> 
> For Basic authorization, all the application had to do was send an 
> "Authorization" header and in I went without a login.
> But with Form authentication I am unable to prevent the new login.
> I assumed that setting the JSESSIONID and JSESSIONIDSSO cookies would be 
> sufficient, and here is my code.
> 
>         OutputStream out = sock.getOutputStream();
>         String firstLine = "GET " + fileName + " HTTP/1.1\r\n";
>         String secondLine = "Host: " + hostName + "\r\n";
>         send(out, firstLine);
>         send(out, secondLine);
>         send(out, "Set-Cookie: JSESSIONID=" + jsessionId + 
> ";JSESSIONIDSSO=" + jsessionidSSO + "; Path=/" + "\r\n");
>         send(out, "\r\n");
> 
> But unfortunately Tomcat isn't impressed and I get a login page. Can 
> anybody tell me where I'm going wrong?
> 
> Thanks.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


-- 
struts 1.2 + tomcat 5.0.19 + java 1.4.2
Linux 2.4.20 Debian


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message