Forums Register Login
Form Based Authentication is not working

I have been working on Security Chapter and I have implemented the following code. Unable to identify the point of error. Kindly help.

Deployment Descriptor:


Hi Krutika Ravi,

try removing the <user-data-constraint> and see what happens

Hi Fritz,

That doesn't help.

In the above web.xml. Remove

Don't know where I am losing track.

Kind Regards
Hi Krutika,

In the above web.xml. Remove <http-method><http-method>

Ok, but you can do that still on your posting, just hit the edit button on right top of your posting. That makes this thread also easier to read.

What is exactly the problem? Do you get to the login page? Or can't you go beyond it? Do you get an error?

I guess that your are using j_username, j_password, and j_security_check ? ( with underscores, they might not show well on this page )

Hi Frits,

I do get the Edit Option on the Comments I am posting now. But for the first Post I get to see only the Quote Button.

Problems which I face:
a) I try opening a page and ideally I should be directed to the Form but that ain't happening.
b) I tried using BASIC Authentication and I don't get a prompt either.
c) I downloaded a brand new Tomcat container and my code still fails to give me a prompt.

Kind Regards
try removing the security from your web-application and see if you can get to the login.jsp without any problems.

If not, then the URL you are using is not good or the structure of your .war file is not good.



I believe, in <form-login-page>, you can't use a url pattern. Instead you should use the actual relative url /login.jsp
<servlet-constraint> ??? It must be <security-constraint> no ?
Hi All,


<servlet-constraint> ??? It must be <security-constraint> no ?

Yes, that is definitely a mistake.

@Jalil Idrissi:

I believe, in <form-login-page>, you can't use a url pattern. Instead you should use the actual relative url /login.jsp

No, that is not needed.

Just have a look at the following web.xml and try it yourself (it works well)

No matter. Try again. Fail again. Fail better. This time, do it with this tiny ad:
RavenDB is an Open Source NoSQL Database that’s fully transactional (ACID) across your database

This thread has been viewed 934 times.

All times above are in ranch (not your local) time.
The current ranch time is
Jan 23, 2019 20:00:57.