Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Logging into a tomcat applications from an external form

 
Allan Christensen
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've recently created a Tomcat application using the forms security of the web container. However, I would like it to be possible to log-in to the application from an external web page. Ie. I have the tomcat application running on a host that only runs Java applications - and I have another application running on a host that only runs PHP and Python applications. I would like to create a form in one of the PHP applications that will login to the tomcat application.

What I've tried so far is this:



The problem with that is that after it has acknowledge that the user name and password is correct it tries to look for j_security_check which obviously is not a file.

Not really sure what to do about it. Anybody have any suggestions?

Kind regards,
Allan
 
somkiat puisungnoen
Ranch Hand
Posts: 1312
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think, you can't do that because "j_security_check" is not name of servlet mapping but this name shoule be trigger Server done in security.

But i'm not sure .


So, you can config that follow this ::

Basic and Form-based Authorization Configuration


Finally : please post your response ...
 
Allan Christensen
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The tomcat application works fine with security (just like the link you pasted) as it as. The problem is allowing external forms to log in.

It actually seems like it authenticates the user with the code that I pasted in my first post, the problem is that after the authentication it starts looking for the file j_security_check - maybe I should try to create a jsp file called j_security_check that automatically re-routes the user back to the default page.
 
Allan Christensen
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I actually got this thing working now. My only concern now is people who have disabled cookies in their browser - but that I can live with.

What I did was to use the form from my first post and then add the following mapping to my deployment descriptor:



which will redirect requests for j_security_check to the main servlet.

Pretty nice! :-)

Anyways, if anyone have any comments on this (if it should be avoided, if it is bad practice,etc) please go ahead and post.

Kind regards,
Allan
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic