aspose file tools*
The moose likes Websphere and the fly likes strange scenario in WSAD-webspere Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "strange scenario in WSAD-webspere " Watch "strange scenario in WSAD-webspere " New topic
Author

strange scenario in WSAD-webspere

mahendra survase
Greenhorn

Joined: Oct 24, 2002
Posts: 22
I am facing a strange scenario in WSAD-webspere while trying to access the application through IP address.
I am using wsad for the developing the web application ,it had the form based authentication mechanism
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/view/jsp/LoginPage.jsp</form-login-page>
<form-error-page>/view/jsp/errorLogin.jsp</form-error-page>
</form-login-config>
and have a jsp page with a form submitting to �ibm_security_logout�.
When we access the application the running on the local PC with http�//localhost:�..followed by the context and the relevant folder structure it works just fine.
But when we start accessing the same application through the IP address URL i.e at the place of �localhost� if we put ip address of the machine we get different result some how it retains first logged in users data and continue showing it with the next logged in user even after first user logged from the application.
Just to make sure that its not specific to WSAD I created a domain on Webspere server and mapped it to IP address of the Webspere server. So that I could access the application deployed on webspere server using the IP addres URL i.e
http://965.34.476.454:9080/ContextXYZ/view/jsp/LoginPage.jsp
its behaving in the same strange manner retaining the data of the first logged in user and showing it to all other subsequent loggers even after the first user has logged out.

Please suggest me is it some thing to do with the erroneous implementation of the form based Authentication in the application (we are not using the separate logged off page and simply redirecting the user to login page)
Or it has some thing to do with the ip address access in WSAD-Webspher.
Strange part is same application behaves fine when accessed through the local host URL on same machine and if accessed through mapped URL on web sphere.
I know you all must be in a holiday mood with this long week end,but I can`t relax till the time I get solution for this scenario ,I will highly appreciate any help on this.

Thanks
Mahendra
SCJP,SCBCD,IBM 287

Michael Valentino
Ranch Hand

Joined: Nov 01, 2005
Posts: 96
Try telling the web browser not to cache any information sent by the application. A good way to do this which I've implemented before is to use a Filter that filters all requests and add the following to the response (as illustrated in JavaServer Pages, 3rd edition Hans Bergsten):



I don't think all of that is necessary, but you can decide which headers you want to add or set, and apply those to each response using a filter.

Also, this may be obvious, but if you're using Application scoped variables to store user information, that could be a cause too.


SCJP 1.4, SCWCD J2EE 1.4, SCJD J2SE 1.5, SCBCD J2EE 1.3, SCDJWS (In Progress)
mahendra survase
Greenhorn

Joined: Oct 24, 2002
Posts: 22
Thanks Michael
adding the cash clearing code helped,but was wandering how it was working fine without cash clearing code when we were accessing the application through domain URL and not IP address.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: strange scenario in WSAD-webspere
 
Similar Threads
Strange behavior while accessing the application through IP address
Struts JSP J2EE Security
Redirect to the requested page failed using form-based authentication
How to: use Form based auth via JDBCRealm:oracle in Glassfish 3.0
error with j_security_check