« Bluetooth-enabled... | Main | East Coast Storms »
20021205 Thursday December 05, 2002

Using one JSP for form-based authentication I'm writing about how to use the same login/error page with form-based authentication. Does anyone know which servlet containers this fails on? I guess it wouldn't hurt to know which ones it works on too. You can use this security.war (1.7MB) file to test. Since it's testing the failure page, you don't need to setup a user - but if you want, the role is tomcat. I know this works on Tomcat, so no need to test it. Posted in General at Dec 05 2002, 10:27:20 AM MST 6 Comments

Comments:

Appears to work with Resin 2.0.6. Hope this helps, E.

Posted by Erik on December 05, 2002 at 01:07 PM MST #

I ran into this on WLS 6.1 the other day: fails.

Posted by Lance on December 05, 2002 at 04:00 PM MST #

You might have to change the following value (in web.xml) to use the correct port: <code> <context-param> <param-name>listenPort_http</param-name> <param-value>8080</param-value> </context-param> </code> I just tried it on Sun ONE App Server 7 and it didn't work (server not found error) at first, but when I changed the above value from 8080 to 84, the port I have the appserver running on, everything worked fine. I'm downloading WebLogic 7 and Websphere 5 now to see if it works on them. I'm assuming that if it works on the latest/greatest versions, it can be considered a bug in previous versions ;0)

Posted by Matt Raible on December 05, 2002 at 07:22 PM MST #

JBoss 3.2.3/Tomcat seems to have issues with including query string parameters on the login page in web.xml if the login page is itself a secured url--if the login page isn't in a secured area, then things work fine. Basically if the login page is secured, then when you try to access a protected page, you get redirected to the login page, which jboss/tomcat doesn't recognize as the login page because of the parameters, so it gets in a recursive loop of continually requesting the login page.

Posted by Sue McCann on January 28, 2004 at 10:01 AM MST #

Hi im a java developer well trying to be and im doing a project for college that develops a java web site, i was wondering if you could help me im trying to do an admin section for the website and i would like to know how do you protect it so that only the admin user can access this area with their own username and password, im using myeclipse ,jsp pages and tomcat 4. I have looked around but i keep getting loads of websites with some bits of info but they dont tell you how to do it properly, i would be really gratefull if you could help me in any way asap as i only have a couple of weeks to get this done thanks. Roisin

Posted by Roisin on July 26, 2007 at 03:57 PM MDT #

nothing

Posted by 122.169.153.84 on September 28, 2007 at 04:32 AM MDT #

Post a Comment:
  • HTML Syntax: Allowed
Click me to subscribe
Matt Raible is a Web Architecture Consultant specializing in open source frameworks.
« May 2012
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today

Recent Entries

Tag Cloud

abbie appfuse denver flex grails gwt hibernate jack java jsf linkedin maven myfaces rails roller skiing softwaresummit spring springmvc struts2 tapestry travel vacation webframeworks wicket