• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Form Authentication does not work TomCat 5.5?

 
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am learngin Form Authentication , and I don't think 'j_security_check' works in TomCat 5.5, right?

Thanks.
 
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That would be a huge bug, wouldn't it ? But I think Tomcat is ok with form authentication. Can you post your form ? And please tell us a bit more about what is not working.
 
Ranch Hand
Posts: 128
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Form based authentication works perfectly in tomcat 5.5
 
Grace Yang
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for reply :-)

I want to know how Form Authentication works, but I get "HTTP Status 404 - /myWeb/MySecurity/j_security_check" after submitting the form.

---invoke form page.
http://localhost:8080/myWeb/MySecurity/formlogin.html

=== here's steps I do :

1. ---add following inside "tomcat-users.xml"
<user name="john" password="jjj" roles="employee" />
<user name="mary" password="mmm" roles="employee" />
<user name="bob" password="bbb" roles="employee, supervisor" />

2. -- add following inside web.xml
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/MySecurity/formlogin.html</form-login-page>
<form-error-page>/MySecurity/formerror.html</form-error-page>
</form-login-config>
</login-config>

3. -- create "formlogin.html"
<html>
<body>
<h4>Please login:</h4>
<form method="POST" action="j_security_check">
<input type="text" name="j_username">
<input type="password" name="j_password">
<input type="submit" value="OK">
</form>
</body>
</html>
4. -- create file "formerror.html"
<html>
<body>
<h4>Sorry, your username and password do not match.</h4>
</body>
</html>
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You usually don't access the login page directly. In the deployment descriptor, you have to tell the container which resources are secured, and if you try to access them, the container will redirect you automatically to the login page. Try to think about it : if you access the login page directly, when you press the submit button, which page is going to be displayed next ?
 
Grace Yang
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Satou !!!

As you suggested, I added resouce access constraint, it works, great.

Grace
 
reply
    Bookmark Topic Watch Topic
  • New Topic