aspose file tools*
The moose likes Security and the fly likes Jboss ldap Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Jboss ldap" Watch "Jboss ldap" New topic
Author

Jboss ldap

MK Shikarpuri
Greenhorn

Joined: Jan 21, 2004
Posts: 9
Hello,
I am using LdapLoginModule and form authentication to authenticate the user to my applicaiton. If the user is not authenticated, I go the the error page but if the user is authenticated successfully, how do I force the user to go to a specified JSP.
I am using j_security_check and Struts framework.
Thanks,
MK Shikarpuri
Greenhorn

Joined: Jan 21, 2004
Posts: 9
I got it to work. Let me know if someone needs to look at the code. I would be more than happy to share it.
Dave Teare
Ranch Hand

Joined: Oct 09, 2002
Posts: 80
Interesting - I had thought about this too.
Since you are using form-based login, the container pops up the login page only when a protected resource is accessed (i.e. it is a reactive model); the container is then in charge of redirecting you to the original page once you successfully login.
I personally have problems with this reactive model, and am currently trying to work around it; there must be a more flexible solution (else I'll write one ).
I am curious what solution you found? Thanks for sharing!!
--Dave.
MK Shikarpuri
Greenhorn

Joined: Jan 21, 2004
Posts: 9
Dave,
My problem was in the web.xml
So your welcome file should be the MAIN PAGE and form-login should point to LOGIN PAGE. If successfully logged in, it will take you to the MAIN page. In my case my debug level wasn't high enough and the application was actually failing during authentication and hence I could never go to the MAIN page.
Here's an snap of my web.xml
...
<welcome-file-list>
<welcome-file>main.jsp</welcome-file>
</welcome-file-list>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Myapp</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>student</role-name>
<role-name>professor</role-name>
</auth-constraint>
</security-constraint>
...
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
...
<security-role>
<description>Student role</description>
<role-name>student</role-name>
</security-role>
<security-role>
<description>Professor role</description>
<role-name>professor</role-name>
</security-role>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Jboss ldap