Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Form authentication method should be POST?

 
Chandra Sagi
Ranch Hand
Posts: 162
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ranchers,

I came across one important point regarding Form authentication. The HTML form should use only the method POST, GET is not acceptable. It was mentioned in SCWCD study guide - Bridgewater. Nothing about this is said in HFSJ. Is this correct in all cases? I thought it would be helpful to post here incase if its correct.

Thanks
Chandu
 
K Bala
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, this is correct.

There are 4 mandatory things when u use FORM authentication.

The method must be POST.
The action must be "j_security_check"
The username field must be named "j_username"
The password field must be named "j_password"

Hope this helps.
 
Chandra Sagi
Ranch Hand
Posts: 162
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Bala..

Cheers
Chandu
 
Veena Pointi
Ranch Hand
Posts: 442
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for letting us know about this.
 
Narendra Dhande
Ranch Hand
Posts: 951
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I think only following are mandatary.

The action must be "j_security_check"
The username field must be named "j_username"
The password field must be named "j_password"

Though the POST is not mandatary, it is obvious because you are passing password and other inportant information through this form.

Thanks
 
Ramasubbhu Allur Kuppusamy
Ranch Hand
Posts: 120
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Frederic,
Any thoughts on this ?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic