aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Suggestion : Understanding behavior of Form Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Suggestion : Understanding behavior of Form Authentication" Watch "Suggestion : Understanding behavior of Form Authentication" New topic
Author

Suggestion : Understanding behavior of Form Authentication

Hitesh Kumar C
Ranch Hand

Joined: Sep 12, 2008
Posts: 35

Hi All,

While preparing for OCEJWCD, i was working with the Form Authentication.

I'm able to implement it with Tomcat 7.0 Web Server, but i have one doubt in the behavior of how Form Authentication actually works.

Here is the behavior which it got understood that is working fine.



Behavior which i didn't understood is:

(Why?)

Once, I'm authenticated and if i'm trying it again with same user name and password configure in tomcat-users.xml, I'd end up with this error:

HTTP Status 404 - /Authorization/j_security_check

type Status report

message /Authorization/j_security_check

description The requested resource (/Authorization/j_security_check) is not available.
Apache Tomcat/7.0.10


JSP File:


web.xml



tomcat-users.xml


My question is that if I'm already authenticated and I'm on login.jsp and I'm trying login again then why I am getting the Http 404 Error? and the same configurations worked for me while login initially?

Please give your suggestions on this and update me if I've done something wrong.

Thanks in advance.


OCJP 6.0, OCPJWCD 5
Hitesh Kumar C
Ranch Hand

Joined: Sep 12, 2008
Posts: 35

Anybody?
Joan Breton
Greenhorn

Joined: Nov 05, 2011
Posts: 5

Because you can't point to the login.jsp again , the correct use is :

login.jsp > FormAuthentication > If(Success) > goto(login.jsp OTHER_PROTECTED_RESOURCE)
login.jsp > FormAuthentication > If(Failure) > goto(Error.html)



See this post: http://www.coderanch.com/t/82393/Tomcat/Invalid-direct-reference-form-login

Good look.


At the moment OCJP, OCPJWCD.
Hitesh Kumar C
Ranch Hand

Joined: Sep 12, 2008
Posts: 35

Thanks for the such a nice observation.
Got the concept.

Thank you so much.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Suggestion : Understanding behavior of Form Authentication