This week's book giveaway is in the OCPJP forum. We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line! See this thread for details.
I got the following problem: I have a J2EE web application and added a security constraint for it, so that we are able to use the security of the application server (e.g. LDAP). But the "normal" login procedure should not be touched in any way, so it should be possible that users may login over a standard login as well.
We use struts (to make everything a little more complex ;-) and two login modules.
My problem is, if I use the normal login, instead of the login.do the j2ee_login.jsp is called which is absolutly nonsense.
I am not sure if it lies in my struts-config.xml or if my application.xml and/or web.xml is wrong.
The j2ee_login.jsp login form should only be shown if the user calls the url j2ee.jsp and is not authenticated.
I hope anyone can help me with this. (and that security is the right forum to post this...)
thanks a lot, Manuel
[ May 23, 2006: Message edited by: Manuel Manhart ] [ May 23, 2006: Message edited by: Manuel Manhart ]