my dog learned polymorphism*
The moose likes JSP and the fly likes Can I have j_security_check in two login.jsp Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Can I have j_security_check in two login.jsp" Watch "Can I have j_security_check in two login.jsp" New topic
Author

Can I have j_security_check in two login.jsp

Chelis Flores
Greenhorn

Joined: Aug 15, 2006
Posts: 16
Hi all.
Anybody knows if I can have 2 login.jsp with <form action="j_security_check" method="post"> in the same application?

I have two roles in my aplication and I need to show a diferent login.jsp page for each. How can I do to have 2 login.jsp pages and send to respect index.jsp page. Does it can be possible?

thanks a lot!
Chelis Flores
Greenhorn

Joined: Aug 15, 2006
Posts: 16
this is not a JSP question!!!
is a Security question!!
if I can access with j_security_check with two diferent login.jsp pages to the same <security-constraint> configuration

thanks!
Michael Ku
Ranch Hand

Joined: Apr 20, 2002
Posts: 510
No
When you place a <login-config> tag in your web.xml file and indicate FORM as your <auth-method> you only get one entry for your <form-login-page> tag
[ August 28, 2007: Message edited by: Michael Ku ]
Merrill Higginson
Ranch Hand

Joined: Feb 15, 2005
Posts: 4864
Originally posted by Chelis Flores:
I have two roles in my aplication and I need to show a diferent login.jsp page for each.

This doesn't make sense. You don't even know which role a user is in until she logs in. So how can you show a different login page based on role, when you don't even know what role the user has yet?


Merrill
Consultant, Sima Solutions
Chelis Flores
Greenhorn

Joined: Aug 15, 2006
Posts: 16
Thanks Michael and Merrill
I could resolved my problem, I need to have two distint login.jsp pages because I authenticate the user and the administrator roles at the same LDAP, but the interfaces both of them must to be distinct.
I resolved putting two JSP pages with <j_security_check> one for the mortal user and another for the administrator and the web.xml in the <welcome-file-list> tag put a JSP (redirect.jsp) page that both roles have access, then in the redirect.jps ask about the role and redirect to the respective index.jsp.
Of course in the <form-login-page> I have the login interface for the user role and the Administrator role have to capture the URL to access to his login.jsp page but it is not problem.
And now my questions is, Is it correct to do? I could resolve my problem but I don�t know if is a good practice.
Thanks all
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Can I have j_security_check in two login.jsp