Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Form Authentication does not work TomCat 5.5?

 
Grace Yang
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am learngin Form Authentication , and I don't think 'j_security_check' works in TomCat 5.5, right?

Thanks.
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That would be a huge bug, wouldn't it ? But I think Tomcat is ok with form authentication. Can you post your form ? And please tell us a bit more about what is not working.
 
Tridib Samanta
Ranch Hand
Posts: 128
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Form based authentication works perfectly in tomcat 5.5
 
Grace Yang
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for reply :-)

I want to know how Form Authentication works, but I get "HTTP Status 404 - /myWeb/MySecurity/j_security_check" after submitting the form.

---invoke form page.
http://localhost:8080/myWeb/MySecurity/formlogin.html

=== here's steps I do :

1. ---add following inside "tomcat-users.xml"
<user name="john" password="jjj" roles="employee" />
<user name="mary" password="mmm" roles="employee" />
<user name="bob" password="bbb" roles="employee, supervisor" />

2. -- add following inside web.xml
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/MySecurity/formlogin.html</form-login-page>
<form-error-page>/MySecurity/formerror.html</form-error-page>
</form-login-config>
</login-config>

3. -- create "formlogin.html"
<html>
<body>
<h4>Please login:</h4>
<form method="POST" action="j_security_check">
<input type="text" name="j_username">
<input type="password" name="j_password">
<input type="submit" value="OK">
</form>
</body>
</html>
4. -- create file "formerror.html"
<html>
<body>
<h4>Sorry, your username and password do not match.</h4>
</body>
</html>
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You usually don't access the login page directly. In the deployment descriptor, you have to tell the container which resources are secured, and if you try to access them, the container will redirect you automatically to the login page. Try to think about it : if you access the login page directly, when you press the submit button, which page is going to be displayed next ?
 
Grace Yang
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Satou !!!

As you suggested, I added resouce access constraint, it works, great.

Grace
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic