I have a web application, and I'm using j_security_check (JAAS).
I have a second Java desktop application that also uses JAAS (and using the same Login Module).
Both applications have the same users (principals & roles). When I log in to each of them, the login process works fine.
Now, from the java desktop application I want to launch a web browser and open my web application. I don't want to get to the login page, since the user was already authenticated & authorized when he logged in to the java application.
So I'm trying to pass the user name & password to the j_security_check via the URL. My URL is:
But I get an exception:
HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser
The strange thing is, that if I open a browser with the URL of the login page (http://localhost:8080/EM/), and then change the URL to the above one (with the username & password), it all works fine. The user is authenticated & authorized.
What am I doing wrong, and how can I fix the problem?