"Ken Johanson" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > Does anyone have a suggested way to selectively, inside a simple JSP or > Servlet, cause the built-in Tomcat form-login to be presented? > > Currently, I'm doing the following: > > -Have protected URI inside my webapp, e.g. /login/, configured with a > security-constraint in web.xml. (this works okay; I can request that URI > and get the form and authenticate) > -Inside a JSP (or controller servlet, etc) where an authenticated-user > action needs to occur and the user isn't already auth'd, I create a > request dispatcher and include("/login/"). > > Is there a better way to selectively include the login-form? Perhaps a way > that doesn't require using a security-constraint? (reason below) > > The above seems like it should work; however I happen to get a > StringIndexOutOfBounds* (with tomcat 5.0.30), probably caused by RD not > being able to resolve the path of a protected URI (a guess) - so I'm > looking for another way.. >
No, it's actually because it's including a welcome-page. TC 5.5.x handles this case fine. > Thanks for any advise, > > ken > > * reported as http://issues.apache.org/bugzilla/show_bug.cgi?id=38233 > against 5.0.30: > > java.lang.StringIndexOutOfBoundsException: String index out of range: -1 > at java.lang.String.substring(String.java:1438) > at java.lang.String.substring(String.java:1411) > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:193) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) > at > org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:696) > at > org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:585) > at > org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:510) > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
