This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes Websphere and the fly likes Form based authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "Form based authentication" Watch "Form based authentication" New topic
Author

Form based authentication

Balbir Singh
Ranch Hand

Joined: Jun 01, 2001
Posts: 79
Hi,
I am trying to use form based authentication using os security. Everytime i try to access the secured jsp, it says that u r not authenticated to view the jsp but it doesnt forward it to the login page. The log says - Authentication failed for reason null. After enabling trace, this is the output:
[4/27/02 12:56:28:234 GMT+05:30] 3d846878 WebCollaborat getUserPrincipal
[4/27/02 12:56:28:234 GMT+05:30] 3d846878 WebCollaborat getUserPrincipal
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D preInvoke: contextRoot= /Exercise1
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D HttpServletRequest parameters and values:
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D Http Header names and values:
accept=[image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*]
accept-encoding=[gzip, deflate]
accept-language=[en-us]
connection=[Keep-Alive]
host=[balbir.int.challengerindia.com]
user-agent=[Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D VirtualHost is : default_host
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat SetUnauthenticatedCredIfNeeded
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D Invoked and received Credential are null, setting it anonymous/unauthenticated.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat SetUnauthenticatedCredIfNeeded:true
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 EJSWebCollabo D Request Context Path=/Exercise1, Servlet Path=/information.jsp, Path Info=null
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat authorize
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D URI requested: /information.jsp
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAppCache D Okay, I found the entry for [default_host:/Exercise1]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebResourceCo D URI Match type = EXACT
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat checkConstraints
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat checkConstraints
<null>
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D We have a custom login or error page request, web app login URL:[/login.html], errorPage URL:[/error.jsp], and the requested URI:[/information.jsp]
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WSAccessManag isEveryoneGranted
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WSAccessManag No roles granted to the special subject, Everyone
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat D URI - /information.jsp.GET is protected
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica authenticate
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D handleTrustAssociation
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D TrustAssociation is enabled.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 TrustAssociat getInterceptor
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 TrustAssociat getInterceptor
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica handleTrustAssociation: (null user)
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica handleCustomLogin
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Form based login is configured for the resource
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Exception occurred: null
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica D Authentication failed.
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebAuthentica authenticate
[4/27/02 12:56:56:375 GMT+05:30] 3d846878 WebCollaborat A SECJ0056E: Authentication failed for reason null
[4/27/02 12:56:56:406 GMT+05:30] 3d846878 WebCollaborat D Authentication failed. Reason: null
[4/27/02 12:56:56:406 GMT+05:30] 3d846878 WebCollaborat authorize
com.ibm.ws.security.web.DenyReply@6262e879
I am using the fully qualified domain name to access the page. Can anyone pls help


Thanks and Regards<br />Balbir Singh<br />Sun Certified Java Programmer<br />IBM Certified Administrator for WebSphere4.0
Balbir Singh
Ranch Hand

Joined: Jun 01, 2001
Posts: 79
Hi guys,
Any answers plsssss.....
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

How have you defined the security? If you 'lock' / and /*, then this matches /login.jsp (or whatever your login page is) so it can't return this page...
ie. You ask for /information.jsp, it matches /* so it is locked.
You get redirected to /login.jsp
login.jsp also matches /* so you get redirected to /login.jsp etc etc.
Dave
Balbir Singh
Ranch Hand

Joined: Jun 01, 2001
Posts: 79
Hi David,
Well yes i have defined the security, actually i checked up with the HitCount servlet in the examples, it gives me the same error when i try to access it, which means that theres nothing wrong with my application but yes some messing up in the configuration of websphere on my machine. I m curious, has anyone else encountered this problem and is there any fix pack for it?
Perkash Khoenkhoen
Greenhorn

Joined: Sep 12, 2002
Posts: 2
Like David said, it seems like you also secured the login-page.
 
jQuery in Action, 2nd edition
 
subject: Form based authentication