• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

Please help me setup the Form Based Authentication in WAS

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I am using custom-user-registry to protect web resource. I have setup everything. when start the Admin Console, it asked me for the user name and password, I entered those parameters and it let passed that point, so I assumed that the custome user registry I implemented works.

But when tried to access the protected resource, it seems like the application entered some sort of infinite loop, the browser keeps browsing and browsing...
and it seems like it would never stop !
The application.xml defines the role, "role-fn-user",
This role is mapped to a group in the database at the time of deployment (I selected option "select users/groups" in the "user role mapping" panel at deployment time. I believe that the Admin Cosole does look up for the group in the DB using the custom Registry because I did test change the value of the group in the group table and it does return the right value if I made the change.
I am sure that I missed something or have done something wrong. Please help me sole this problem, I spent the last three days trying to solve it, but I cannot
Thanks in advance
Xenoux
<application id="Application_ID">
<display-name>Furnnet</display-name>
<module id="EjbModule_1">
<ejb>Furnnet_EJB.jar</ejb>
</module>
<module id="WebModule_1">
<web>
<web-uri>furnnet.war</web-uri>
<context-root>/furnnet</context-root>
</web>
</module>
<security-role id="SecurityRole_1">
<role-name>role-fn-user</role-name>
</security-role>
</application>
 
Ranch Hand
Posts: 217
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Don't protect your singin page, exclude it from security-constraint in your web.xml!
Or it is definitely a deadloop...
 
Binh Nguyen
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,
I did not prect the logon.jsp.
I only protect anything of the main directory, /main/*, and my logon.jsp and error.jsp is at the roor level, same level with main directory.
in fact if tried something like this <root>login.jsp , it will render the logon.jsp page, but after enter the user name and password, I will get a error message that the j_security_check page not found, but infact the user had been authenticated because from that point, I can access the protected resource.

the infinite loop only happens if I tried to access the protected resource at the first place.
Do you have any idea?
Thanks in advance
Xenoux
 
Ranch Hand
Posts: 1072
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Xenoux
Please read the Javaranch Naming Policy and change your publicly displayed name to comply with our unique rule. Thank you for your cooperation.
 
Try 100 things. 2 will work out, but you will never know in advance which 2. This tiny ad might be one:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic