aspose file tools*
The moose likes Tomcat and the fly likes Admin tool: Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Admin tool: "Invalid direct reference to form login"" Watch "Admin tool: "Invalid direct reference to form login"" New topic
Author

Admin tool: "Invalid direct reference to form login"

Ron Newman
Ranch Hand

Joined: Jun 06, 2002
Posts: 1056
When I try to log into the Tomcat Admin tool (http://localhost:8080/admin/login.jsp), I get this error:

HTTP Status 400 - Invalid direct reference to form login page
type Status report
message Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).

This happens if I try to log in as any of the users defined in my tomcat-users.xml file, as long as I provide a correct username and password. It does not matter whether or not the user has been defined to include the "admin" role.
If I use an invalid username or password, I (properly) get a page telling me so, with a link back to the login form to try again.
What is configured incorrectly here, and how do I fix it?


Ron Newman - SCJP 1.2 (100%, 7 August 2002)
Mike Curwen
Ranch Hand

Joined: Feb 20, 2001
Posts: 3695

It has to do with container managed security...

If you go directly , with no intermediate page, to the login page , the container will not know where to direct "after". You have to first hit a protected page (like http://localhost:8080/admin) and when it re-directs you to login.jsp, it will know that you then want to go to /admin after a successful login.

When you go directly there and fail, it knows enough to send appropriate error messages and what not, but as soon as you succeed, you will need to have "come from somewhere else" so it knows where to send you next.

Did that make sense?
Ron Newman
Ranch Hand

Joined: Jun 06, 2002
Posts: 1056
But I'm not going to the login form directly. This happens when I go to http://localhost:8080/admin .
Rene Larsen
Ranch Hand

Joined: Oct 12, 2001
Posts: 1179

Do you have a user in 'tomcat-users.xml' with 'admin' role?
If not add one...
Rene


Regards, Rene Larsen
Dropbox Invite
Ron Newman
Ranch Hand

Joined: Jun 06, 2002
Posts: 1056
Yes, I do (and did).
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Admin tool: "Invalid direct reference to form login"