• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Tim Cooke
  • Devaka Cooray
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
Bartenders:
  • Carey Brown
  • Roland Mueller

Invalid direct reference to form login page.

 
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My web.xml declares a requirement for form based authentication.
When a user attempts to access the protected resource, the user is presented with my login page as expected. However, once a valid name and password are entered and submitted, the error "HTTP Status 400 - Invalid direct reference to form login page" is received.
I've read about how it is possible to get this message if you attempt to access the login page directly - but this is not my case. Can someone explain why I receive this message.
I'm using Struts 1.1 Tomcat 5.0.18 with IE6.
In my web.xml I have
<security-constraint>
<web-resource-collection>
<web-resource-name>Administrative</web-resource-name>
<!-- The URLs to protect -->
<url-pattern>/modifyOrder.do</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- The authorized users -->
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>Form Authentication Area</realm-name>
<form-login-config>
<form-login-page>/WEB-INF/pages/login.htm</form-login-page>
<form-error-page>/WEB-INF/pages/errorpage.html</form-error-page>
</form-login-config>
</login-config>
[ March 09, 2004: Message edited by: Rich Smyth ]
[ March 09, 2004: Message edited by: Rich Smyth ]
 
keep an eye out for scorpions and black widows. But the tiny ads are safe.
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic