File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes j_security_check - How to pass parameters  in the URL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "j_security_check - How to pass parameters  in the URL" Watch "j_security_check - How to pass parameters  in the URL" New topic
Author

j_security_check - How to pass parameters in the URL

Efrat Bar-Nahum
Ranch Hand

Joined: Jan 19, 2006
Posts: 57
Hi,

I have a web application, and I'm using j_security_check (JAAS).

I have a second Java desktop application that also uses JAAS (and using the same Login Module).

Both applications have the same users (principals & roles).
When I log in to each of them, the login process works fine.

Now, from the java desktop application I want to launch a web browser and open my web application.
I don't want to get to the login page, since the user was already authenticated & authorized when he logged in to the java application.

So I'm trying to pass the user name & password to the j_security_check via the URL.
My URL is:


But I get an exception:

HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser


The strange thing is, that if I open a browser with the URL of the login page (http://localhost:8080/EM/), and then change the URL to the above one (with the username & password), it all works fine. The user is authenticated & authorized.

What am I doing wrong, and how can I fix the problem?

Thanks,
Efrat
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42913
    
  68
I think the folks in the Servlets forum might know more about this, so I'm moving the thread to that forum.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: j_security_check - How to pass parameters in the URL