• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

Form-based authentication not working

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to do form-based authentication (FBA) in what would seem a normal way but it is not working.
Here is what I do and what happens, see below for the environment, web.xml, etc.:
I want to enter the application by the url http://servername/contextroot. When I do this, I get a 404.
When I enter http://servername/contextroot/secure/index.jsp access is correctly denied, but I am not routed to the login page or error page.
When I enter http://servername/contextroot/Login, I am correctly given the logon page. But after I enter userid/password and submit, I get 404 on http://servername/contextroot/j_security_check. Which I guess makes sense, j_security_check should be without contextroot (???).
Can anyone straighten this out for me? I've followed the myriad examples out there as close as reasonable and no-go. Thanks hugely in advance.
CONFIGURATION: Win2K Websphere 5.0 Domino5 LDAP
WEB.XML: <?xml version="1.0" encoding="UTF-8"?> < !DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">; <web-app id="WebApp"> <display-name>mtts</display-name> <filter> <filter-name>LoginFilter</filter-name> <display-name>LoginFilter</display-name> <filter-class>mizuho.mtts.struts.security.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/LoginFilter</url-pattern> </filter-mapping> <filter-mapping> <filter-name>LoginFilter</filter-name> <servlet-name>action</servlet-name> </filter-mapping> <filter-mapping> <filter-name>LoginFilter</filter-name> <servlet-name>Login</servlet-name> </filter-mapping> <filter-mapping> <filter-name>LoginFilter</filter-name> <servlet-name>logout</servlet-name> </filter-mapping> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/j_security_check</url-pattern> </filter-mapping> <servlet> <servlet-name>action</servlet-name> <servlet-class>org.apache.struts.action.ActionServlet</servlet-class> <init-param> <param-name>config</param-name> <param-value>/WEB-INF/struts-config.xml</param-value> </init-param> <init-param> <param-name>debug</param-name> <param-value>2</param-value> </init-param> <init-param> <param-name>detail</param-name> <param-value>2</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> <servlet> <servlet-name>Login</servlet-name> <display-name>Login</display-name> <jsp-file>/Login.jsp</jsp-file> </servlet> <servlet> <servlet-name>loginError</servlet-name> <display-name>loginError</display-name> <jsp-file>/loginError.jsp</jsp-file> </servlet> <servlet> <servlet-name>logout</servlet-name> <display-name>logout</display-name> <jsp-file>/logout.jsp</jsp-file> </servlet> <servlet-mapping> <servlet-name>action</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Login</servlet-name> <url-pattern>/Login</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>loginError</servlet-name> <url-pattern>/loginError</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>logout</servlet-name> <url-pattern>/logout</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>/secure/index.jsp</welcome-file> </welcome-file-list> <taglib> <taglib-uri>/tags/struts-bean</taglib-uri> <taglib-location>/WEB-INF/struts-bean.tld</taglib-location> </taglib> <taglib> <taglib-uri>/tags/struts-html</taglib-uri> <taglib-location>/WEB-INF/struts-html.tld</taglib-location> </taglib> <taglib> <taglib-uri>/tags/struts-logic</taglib-uri> <taglib-location>/WEB-INF/struts-logic.tld</taglib-location> </taglib> <taglib> <taglib-uri>/tags/struts-nested</taglib-uri> <taglib-location>/WEB-INF/struts-nested.tld</taglib-location> </taglib> <taglib> <taglib-uri>/tags/struts-tiles</taglib-uri> <taglib-location>/WEB-INF/struts-tiles.tld</taglib-location> </taglib> <security-constraint> <web-resource-collection> <web-resource-name>Secure Directory</web-resource-name> <description>Secure Pages</description> <url-pattern> /secure/*</url-pattern> <http-method> GET</http-method> <http-method> PUT</http-method> <http-method> HEAD</http-method> <http-method> TRACE</http-method> <http-method> POST</http-method> <http-method> DELETE</http-method> <http-method> OPTIONS</http-method> </web-resource-collection> <web-resource-collection> <web-resource-name>Struts apps</web-resource-name> <description>Struts apps qualifier</description> <url-pattern> *.do</url-pattern> <http-method> GET</http-method> <http-method> PUT</http-method> <http-method> HEAD</http-method> <http-method> TRACE</http-method> <http-method> POST</http-method> <http-method> DELETE</http-method> <http-method> OPTIONS</http-method> </web-resource-collection> <auth-constraint> <description>All users</description> <role-name>user</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>Timesheet</realm-name> <form-login-config> <form-login-page>/Login.jsp</form-login-page> <form-error-page>/loginError.jsp</form-error-page> </form-login-config> </login-config> <security-role> <description>Restrict access to Authenticated Users</description> <role-name>user</role-name> </security-role> </web-app>
 
Slime does not pay. Always keep your tiny ad dry.
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic