i did same now it gives following error The requested resource (/saraf/protected/j_security_check) is not available. Do i need edit server.xml or any other file.
On 2/3/06, David Smith <[EMAIL PROTECTED]> wrote: > > A quick overview of how authentication works might be helpful here. > Here's the sequence of events: > > 1) User requests a secured resource > 2) The server internally redirects the user to login.jsp (note: the > client NEVER directly requests login.jsp) > 3) The user enters his/her credentials and submits > 4) The system authenticates the user and returns the originally > requested resource. > > So what you really want to do is link to /seraf/index.jsp (or > whatever...) and let tomcat handle making sure the user is entitled to > it or not. > > --David > > Prashant Saraf wrote: > > >i created a link which connect to login.jsp then also it not works:( > > > >On 2/3/06, David Delbecq <[EMAIL PROTECTED]> wrote: > > > > > >>This mean you tried to access login form directly. This is not allowed > >>in j2ee specifications. > >>Access to login form should only be triggered by server on demand. You > >>can't force a login. > >>To access login page, simply put a link to saraf/index.html (simple > >>example) > >>Prashant Saraf a écrit : > >> > >> > >> > >>>i have a problem in Tomcat & jsp > >>>when i use j_security_check it gives me following error. > >>>The request sent by the client was syntactically incorrect (Invalid > >>> > >>> > >>direct > >> > >> > >>>reference to form login page > >>>why this so > >>>my web.xml.... > >>> > >>><?xml version=3D" 1.0" encoding=3D"ISO-8859-1"?> > >>> > >>> > >>><web-app xmlns=3D"http://java.sun.com/xml/ns/j2ee " > >>> xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance " > >>> xsi:schemaLocation=3D"http://java.sun.com/xml/ns/j2ee > >>>http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd > >>>" > >>> version=3D" 2.4"> > >>> > >>> <description> > >>> My first jsp example > >>> </description> > >>> <display-name>Work on Jsp</display-name> > >>> > >>> <security-constraint> > >>> <display-name>TestApp Security Constraint</display-name> > >>> <web-resource-collection> > >>> <web-resource-name>Protected Area</web-resource-name> > >>> <!-- Define the context-relative URL(s) to be protected --> > >>> > >>> <!-- If you list http methods, only those methods are > >>> > >>> > >>protecte= > >> > >> > >>>d > >>>--> > >>> <http-method>DELETE</http-method> > >>> <http-method>GET</http-method> > >>> <http-method>POST</http-method> > >>> <http-method>PUT</http-method> > >>> <url-pattern>/saraf/*</url-pattern> > >>> </web-resource-collection> > >>> <auth-constraint> > >>> <!-- Anyone with one of the listed roles may access this area > >>>--> > >>> <role-name>*</role-name> > >>> </auth-constraint> > >>> </security-constraint> > >>> > >>> <!-- Default login configuration uses form-based authentication --> > >>> <login-config> > >>> <auth-method>FORM</auth-method> > >>> <realm-name>Form-Based Authentication</realm-name> > >>> <form-login-config> > >>> <form-login-page>/login.jsp</form-login-page> > >>> <form-error-page>/error.jsp</form-error-page> > >>> </form-login-config> > >>> </login-config> > >>> <!-- Security roles referenced by this web application --> > >>></web-app> > >>> > >>> > >>>-- > >>>Cup of Java + Suger of XML = Secure WebApp > >>> > >>> > >>> > >>> > >>> > >>--------------------------------------------------------------------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > >> > > > > > >-- > >Cup of Java + Suger of XML = Secure WebApp > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Cup of Java + Suger of XML = Secure WebApp
