Hello,
Does anyone have a suggested way to selectively, inside a simple JSP or
Servlet, cause the built-in Tomcat form-login to be presented?
Currently, I'm doing the following:
-Have protected URI inside my webapp, e.g. /login/, configured with a
security-constraint in web.xml. (this works okay; I can request that URI
and get the form and authenticate)
-Inside a JSP (or controller servlet, etc) where an authenticated-user
action needs to occur and the user isn't already auth'd, I create a
request dispatcher and include("/login/").
Is there a better way to selectively include the login-form? Perhaps a
way that doesn't require using a security-constraint? (reason below)
The above seems like it should work; however I happen to get a
StringIndexOutOfBounds* (with tomcat 5.0.30), probably caused by RD not
being able to resolve the path of a protected URI (a guess) - so I'm
looking for another way..
Thanks for any advise,
ken
* reported as http://issues.apache.org/bugzilla/show_bug.cgi?id=38233
against 5.0.30:
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1438)
at java.lang.String.substring(String.java:1411)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:193)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:696)
at
org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:585)
at
org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:510)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
