This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Security and the fly likes Strange behavior while accessing the application through IP address Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Strange behavior while accessing the application through IP address" Watch "Strange behavior while accessing the application through IP address" New topic
Author

Strange behavior while accessing the application through IP address

mahendra survase
Greenhorn

Joined: Oct 24, 2002
Posts: 22
I am facing a strange scenario in WSAD-webspere while trying to access the application through IP address.
I am using wsad for the developing the web application ,it had the form based authentication mechanism
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/view/jsp/LoginPage.jsp</form-login-page>
<form-error-page>/view/jsp/errorLogin.jsp</form-error-page>
</form-login-config>
and have a jsp page with a form submitting to �ibm_security_logout�.
When we access the application the running on the local PC with http�//localhost:�..followed by the context and the relevant folder structure it works just fine.
But when we start accessing the same application through the IP address URL i.e at the place of �localhost� if we put ip address of the machine we get different result some how it retains first logged in users data and continue showing it with the next logged in user even after first user logged from the application.
Just to make sure that its not specific to WSAD I created a domain on Webspere server and mapped it to IP address of the Webspere server. So that I could access the application deployed on webspere server using the IP addres URL i.e
http://965.34.476.454:9080/ContextXYZ/view/jsp/LoginPage.jsp
its behaving in the same strange manner retaining the data of the first logged in user and showing it to all other subsequent loggers even after the first user has logged out.

Please suggest me is it some thing to do with the erroneous implementation of the form based Authentication in the application (we are not using the separate logged off page and simply redirecting the user to login page)
Or it has some thing to do with the ip address access in WSAD-Webspher.
Strange part is same application behaves fine when accessed through the local host URL on same machine and if accessed through mapped URL on web sphere.
I know you all must be in a holiday mood with this long week end,but I can relax till the time I get solution for this scenario ,I will highly appreciate any help on this.

Thanks
Mahendra
SCJP,SCBCD,IBM 287
mahendra survase
Greenhorn

Joined: Oct 24, 2002
Posts: 22
What I meant is I cant` relax till the time I get the solution .Please reply ,its very urgent
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Strange behavior while accessing the application through IP address
 
Similar Threads
Redirect to the requested page failed using form-based authentication
Unauthenticated Access to a Secured Resource?
Struts JSP J2EE Security
strange scenario in WSAD-webspere
j_security_check - Invalid username or password message