File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Problem in Form based authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Problem in Form based authentication" Watch "Problem in Form based authentication" New topic
Author

Problem in Form based authentication

Dilshan Edirisuriya
Ranch Hand

Joined: Apr 22, 2006
Posts: 299
I tried the example which is given in the HFSJ but it didn't work.

I got "Http status 400-Invalid direct reference to form login page"
descriptin says that "the request sent by client is syntactically incorrect"

Here is my jsp pages

index.jsp
<html>
<head>
<title>Index</title>
</head>
<body>
<h1>
<pre>
<form action="j_security_check" method="post">
Click Here to Proceed

Name:<input type="text" name="j_username"/>

Password:<input type="password" name="j_password"/>


<input type="submit" value="Submit"/>
</pre>
</form>
</pre>
</h1>
</body>
</html>

MyJSP.jsp

<html>
<head>
<title>MyJSP</title>
</head>
<body>
<h1>This is MyJSP.jsp<br>

</h1>
</body>
</html>

error.jsp

<html>
<head>
<title>Index</title>
</head>
<body>
<h1>
Invalid user name or password<br></h1>
<h2>
<a href="index.jsp">Click here to try again.....</a>
</h2>
</body>
</html>

DD

<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<servlet>
<servlet-name>Dilshan</servlet-name>
<jsp-file>/MyJSP.jsp</jsp-file>
</servlet>

<servlet-mapping>
<servlet-name>Dilshan</servlet-name>
<url-pattern>/dilshan.dil</url-pattern>
</servlet-mapping>

<security-role>
<role-name>admin</role-name>
</security-role>

<security-role>
<role-name>manager</role-name>
</security-role>

<security-role>
<role-name>role1</role-name>
</security-role>

<security-role>
<role-name>tomcat</role-name>
</security-role>

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/index.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>

<security-constraint>
<web-resource-collection>
<web-resource-name>UpdateRecipe</web-resource-name>
<url-pattern>/dilshan.dil</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
<role-name>manager</role-name>
<role-name>role1</role-name>
<role-name>tomcat</role-name>
</auth-constraint>

</security-constraint>

</web-app>

Can somebody help me to solve the problem?
And also I'm not clear about how to implement CLIENT-CERT


Dilshan Edirisuriya SCJP1.4, SCWCD1.4, SCBCD 5
Christophe Verré
Sheriff

Joined: Nov 24, 2005
Posts: 14687
    
  16

Did you access index.jsp straight from the web browser, typing the url ?
I don't think that you should do that. The container will display it when you try to access protected content.


[My Blog]
All roads lead to JavaRanch
Dilshan Edirisuriya
Ranch Hand

Joined: Apr 22, 2006
Posts: 299
I deployed the application using Tomcat. By clicking tomcat manager I locate my application and access the application. Then I can see the index.jsp page. When I was using a wrong username or password I got the "error.jsp" but when I was using the correct one it ends up giving the above error.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Problem in Form based authentication