Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Security and the fly likes j_security_check - How to pass parameters  in the URL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "j_security_check - How to pass parameters  in the URL" Watch "j_security_check - How to pass parameters  in the URL" New topic
Author

j_security_check - How to pass parameters in the URL

Efrat Bar-Nahum
Ranch Hand

Joined: Jan 19, 2006
Posts: 57
Hi,

I have a web application, and I'm using j_security_check (JAAS).

I have a second Java desktop application that also uses JAAS (and using the same Login Module).

Both applications have the same users (principals & roles).
When I log in to each of them, the login process works fine.

Now, from the java desktop application I want to launch a web browser and open my web application.
I don't want to get to the login page, since the user was already authenticated & authorized when he logged in to the java application.

So I'm trying to pass the user name & password to the j_security_check via the URL.
My URL is:


But I get an exception:

HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser


The strange thing is, that if I open a browser with the URL of the login page (http://localhost:8080/EM/), and then change the URL to the above one (with the username & password), it all works fine. The user is authenticated & authorized.

What am I doing wrong, and how can I fix the problem?

Thanks,
Efrat
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41052
    
  43
I think the folks in the Servlets forum might know more about this, so I'm moving the thread to that forum.


Ping & DNS - my free Android networking tools app
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: j_security_check - How to pass parameters in the URL
 
Similar Threads
How to use j_security_check directly (skip the login page)?
Using default JAAS Mechanism in Websphere makes applications to access the context path of the other
Problem with navigation in JSF with Filter
Re-opening the browser
j_security_check - How to pass parameters in the URL