• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Form based authentication

 
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I am trying to use form based authentication using os security. Everytime i try to access the secured jsp, it says that u r not authenticated to view the jsp but it doesnt forward it to the login page. The log says - Authentication failed for reason null. After enabling trace, this is the output:
[4/27/02 12:56:28:234 GMT+05:30] 3d846878 WebCollaborat getUserPrincipal
[4/27/02 12:56:28:234 GMT+05:30] 3d846878 WebCollaborat getUserPrincipal
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D preInvoke: contextRoot= /Exercise1
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D HttpServletRequest parameters and values:
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D Http Header names and values:
accept=[image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*]
accept-encoding=[gzip, deflate]
accept-language=[en-us]
connection=[Keep-Alive]
host=[balbir.int.challengerindia.com]
user-agent=[Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D VirtualHost is : default_host
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat SetUnauthenticatedCredIfNeeded
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D Invoked and received Credential are null, setting it anonymous/unauthenticated.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat SetUnauthenticatedCredIfNeeded:true
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D Request Context Path=/Exercise1, Servlet Path=/information.jsp, Path Info=null
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat authorize
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D URI requested: /information.jsp
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAppCache D Okay, I found the entry for [default_host:/Exercise1]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebResourceCo D URI Match type = EXACT
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat checkConstraints
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat checkConstraints
<null>
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D We have a custom login or error page request, web app login URL:[/login.html], errorPage URL:[/error.jsp], and the requested URI:[/information.jsp]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WSAccessManag isEveryoneGranted
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WSAccessManag No roles granted to the special subject, Everyone
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D URI - /information.jsp.GET is protected
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica authenticate
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D handleTrustAssociation
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D TrustAssociation is enabled.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 TrustAssociat getInterceptor
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 TrustAssociat getInterceptor
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica handleTrustAssociation: (null user)
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica handleCustomLogin
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Form based login is configured for the resource
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Exception occurred: null
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Authentication failed.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica authenticate
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat A SECJ0056E: Authentication failed for reason null
[4/27/02 12:56:56:406 GMT+05:30] 3d846878 WebCollaborat D Authentication failed. Reason: null
[4/27/02 12:56:56:406 GMT+05:30] 3d846878 WebCollaborat authorize
com.ibm.ws.security.web.DenyReply@6262e879
I am using the fully qualified domain name to access the page. Can anyone pls help
 
Balbir Singh
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi guys,
Any answers plsssss.....
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How have you defined the security? If you 'lock' / and /*, then this matches /login.jsp (or whatever your login page is) so it can't return this page...
ie. You ask for /information.jsp, it matches /* so it is locked.
You get redirected to /login.jsp
login.jsp also matches /* so you get redirected to /login.jsp etc etc.
Dave
 
Balbir Singh
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi David,
Well yes i have defined the security, actually i checked up with the HitCount servlet in the examples, it gives me the same error when i try to access it, which means that theres nothing wrong with my application but yes some messing up in the configuration of websphere on my machine. I m curious, has anyone else encountered this problem and is there any fix pack for it?
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Like David said, it seems like you also secured the login-page.
 
reply
    Bookmark Topic Watch Topic
  • New Topic