Re: Problem in j_security_check

Fri, 03 Feb 2006 06:42:20 -0800 

Ok.
login.jsp and error.jsp probably shouldn't be located in the protected folder. They are meant to be seen by the unauthenticated users. index.html definitely shouldn't link to login.jsp. Link it to protected/index.jsp instead. 


Your web.xml specs a url pattern of saraf/*.  It should be /protected/*  
instead.



<form-login-page>/ login.jsp</form-login-page> (also in web.xml) should 
reflect the webapp relative location of login.jsp (where ever it ends up).



Take a general review of things to verify all your paths. I just cited a 
couple of them above.


-- David


Prashant Saraf wrote:

as i am new i refer tomcat 's  jsp-example
my structure of webapp

webapps-|
              |
          saraf
              |
           index.html(which link to login.jsp)
               |
           protected
                     |
                  login.jsp,error.jsp,index.jsp.



my login.jsp


<html>
<head>
<title>Login Page for Examples</title>
<body bgcolor="white">
<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
  <table border="0" cellspacing="5">
    <tr>
      <th align="right">Username:</th>
      <td align="left"><input type="text" name="j_username"></td>
    </tr>
    <tr>
      <th align="right">Password:</th>
      <td align="left"><input type="password" name="j_password"></td>
    </tr>
    <tr>
      <td align="right"><input type="submit" value="Log In"></td>
      <td align="left"><input type="reset"></td>
    </tr>
  </table>
</form>
</body>
</html>
 -----------------
error.jsp
------------------
<html>
<head>
<title>Error Page For Examples</title>
</head>
<body bgcolor="white">
Invalid username and/or password, please try
<a href='<%= response.encodeURL("login.jsp") %>'>again</a>.
</body>
</html>
----------


index.jsp

<%
  if (request.getParameter("logoff") != null) {
    session.invalidate();
    response.sendRedirect("index.jsp");
    return;
  }
%>
<html>
<head>
<title>Protected Page for Examples</title>
</head>
<body bgcolor="white">

You are logged in as remote user <b><%= request.getRemoteUser() %></b>
in session <b><%= session.getId() %></b><br><br>

<br>

If you have configured this app for form-based authentication, you can log
off by clicking
<a href='<%= response.encodeURL("index.jsp?logoff=true") %>'>here</a>.
This should cause you to be returned to the logon page after the redirect
that is performed.

</body>
</html>


  



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to