If you want a real login form on every page, it's probably not. The "j_security_check" URL is only enabled when the container is in the middle of the form based login transaction.I'm trying to use declarative security in my struts app, but it's not really a struts-specific problem.
It works great when someone goes to a protected page. They get redirected to the "login page".
But what if I want to include a login form on any or every other page?
If I provide something more or less identical to the login page's form in a tile that goes on the top of every page, when the user "successfully" submits it, an HTTP 400 error is returned- Invalid direct reference to form login page.
I see a number of ways around this, but not give me the behavior I was hoping to implement. I want the user to be able to login on any page that doesn't necessarily require a login, and upon doing so, get sent back to that same page.
Is Declarative Security not meant for me??
An alternative would be to consider having a login *link* instead, which points at a protected resource (and therefore forces login if necessary). This resource would then just forward back to the main menu or something like that.
TIACraig
-Joe
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
