File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes j_security_check - How to pass parameters  in the URL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "j_security_check - How to pass parameters  in the URL" Watch "j_security_check - How to pass parameters  in the URL" New topic
Author

j_security_check - How to pass parameters in the URL

Efrat Bar-Nahum
Ranch Hand

Joined: Jan 19, 2006
Posts: 57
Hi,

I have a web application, and I'm using j_security_check (JAAS).

I have a second Java desktop application that also uses JAAS (and using the same Login Module).

Both applications have the same users (principals & roles).
When I log in to each of them, the login process works fine.

Now, from the java desktop application I want to launch a web browser and open my web application.
I don't want to get to the login page, since the user was already authenticated & authorized when he logged in to the java application.

So I'm trying to pass the user name & password to the j_security_check via the URL.
My URL is:


But I get an exception:

HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser


The strange thing is, that if I open a browser with the URL of the login page (http://localhost:8080/EM/), and then change the URL to the above one (with the username & password), it all works fine. The user is authenticated & authorized.

What am I doing wrong, and how can I fix the problem?

Thanks,
Efrat
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41182
    
  45
I think the folks in the Servlets forum might know more about this, so I'm moving the thread to that forum.


Ping & DNS - my free Android networking tools app
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: j_security_check - How to pass parameters in the URL
 
Similar Threads
Using default JAAS Mechanism in Websphere makes applications to access the context path of the other
Problem with navigation in JSF with Filter
How to use j_security_check directly (skip the login page)?
Re-opening the browser
j_security_check - How to pass parameters in the URL