• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

WebLogic Form-Based Authentication Problem

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to set up Form-Based Authentication on WebLogic8.1
The Problem:
If the user provides correct userid/password, he gets access to the protected resource as required, but if he provides incorrect userid/password, he gets a 403 Forbidden page, instead of getting the login failure page.
The Descriptors:
WEB.XML
___________________________________________________________________________
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<welcome-file-list>
<welcome-file>/protected/index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>My secure resources</web-resource-name>
<description>Resources to be placed under security control.</description>
<url-pattern>/protected/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>guest</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/Login.jsp</form-login-page>
<form-error-page>/LoginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>The role allowed to access our content</description>
<role-name>guest</role-name>
</security-role>
</web-app>
WEBLOGIC.XML
___________________________________________________________________________
<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web Application 8.1//EN" "http://www.bea.com/servers/wls810/dtd/weblogic810-web-jar.dtd">
<weblogic-web-app>
<security-role-assignment>
<role-name>guest</role-name>
<principal-name>MyUser</principal-name>
</security-role-assignment>
</weblogic-web-app>
___________________________________________________________________________
What am I missing here? Why doesnt it redirect to /LoginError.jsp instead of showing the 403 Forbidden page?
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm getting the same problem!
Were you able to find the solution???

TIA
[ July 01, 2004: Message edited by: javai girl ]
 
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Will the below config in web.xml helps u ???

<error-page>
<error-code>
403
</error-code>
<location>
/jsp/formpages/AccessRestricted.jsp
</location>
</error-page>
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
No, it did not. But I test the security web application come with weblogic8.1 examples, it works fine. I still did not figure out what's the problem.
 
sharon Developer
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It seems weblogic web server has a very high requirement for error page syntax. I copied fail-login.html from weblogic security webapp sample src folder to my application folder and make it as my login error page. My page works now.
 
reply
    Bookmark Topic Watch Topic
  • New Topic