Hi, Thanks for the reply.
I think the password is okay. If I change it to something else I get a 403 (forbidden) error response code: java.lang.Exception: Received a status code [403] and was expecting a [302] Now things get a little bit strange ... I think the HTTP sniffer I was using (HTTPLook) might have somehow been interfering with HTTP traffic. After turning it off and running my test again I got the following cactus error: java.lang.Exception: Received a status code [500] and was expecting a [302] And in my OC4J application.log you can see that the 500 Error was caused by something I've seen in mailing list archives quite a bit: javax.servlet.ServletException: Missing service name parameter [Cactus_Service] in HTTP request. Received query string is []. Now, if I change by begin method to expect a response code of 500 ... public void beginA(WebRequest theRequest) { theRequest.setRedirectorName("ServletRedirectorSecure"); FormAuthentication fa = new FormAuthentication("0", "qUqP5cyxm6YcTAhz05Hph5gvu9M="); fa.setExpectedAuthResponse(500); theRequest.setAuthentication(fa); } ... guess what? The test runs fine. I'm still getting the application error but I'm guessing that's because something in the web-app (I've only just started working on it and I'm not too familiar with it just yet) tries to process the original request to the ServletRedirectorSecure and there was no Cactus_Service request parameter. Out of curiosity I set the redirector name to the following in my begin method: theRequest.setRedirectorName("ServletRedirectorSecure?Cactus_Service=GET_VER SION"); But I still get the 500 error. Anyway, if a call to setExpectedAuthResponse(500) gets my tests running then I'm happy for the time being. Thanks, Setanta. -----Original Message----- From: Kazuhito SUGURI [mailto:[EMAIL PROTECTED] Sent: 18 November 2004 11:22 To: [EMAIL PROTECTED] Subject: Re: FormAuthentication and Error Code 500 Hi Setanta, In article <[EMAIL PROTECTED]>, Thu, 18 Nov 2004 11:03:53 -0000, Setanta Mathews <[EMAIL PROTECTED]> wrote: smathews> public void beginA(WebRequest theRequest) smathews> { smathews> theRequest.setRedirectorName("ServletRedirectorSecure"); smathews> FormAuthentication fa = new FormAuthentication("0", smathews> "qUqP5cyxm6YcTAhz05Hph5gvu9M="); smathews> theRequest.setAuthentication(fa); smathews> } Is the password "qUqP5cyxm6YcTAhz05Hph5gvu9M=" base-64 encoded? Your system may stores passwords with encrypted and base-64 encoded form, however, you should give a password with plain text form to the system. So, you should pass a plain password to the constructor, I guess. smathews> The HTTP traffic is smathews> smathews> 1 - Cactus Request smathews> smathews> GET /ServletRedirectorSecure? HTTP/1.1 smathews> Content-type: application/x-www-form-urlencoded smathews> User-Agent: Jakarta Commons-HttpClient/2.0rc1 smathews> Host: localhost:8889 smathews> smathews> 2 - OC4J Response smathews> smathews> HTTP/1.1 200 OK smathews> Date: Thu, 18 Nov 2004 10:43:46 GMT smathews> Server: Oracle9iAS (9.0.3.0.0) Containers for J2EE smathews> Content-Location: smathews> http://localhost:8889/jsp/html/portlet/my_account/j_login.jsp smathews> Set-Cookie: JSESSIONID=b3eabbf09d734b998c79d15602741b8c; Path=/ smathews> Connection: Close smathews> Content-Type: text/html;charset=ISO-8859-1 smathews> Cache-Control: no-cache smathews> Transfer-Encoding: chunked smathews> smathews> 3 - Cactus Request smathews> smathews> POST /j_security_check? HTTP/1.1 smathews> Content-type: application/x-www-form-urlencoded smathews> User-Agent: Jakarta Commons-HttpClient/2.0rc1 smathews> Host: localhost:8889 smathews> Cookie: $Version=0; JSESSIONID=b3eabbf09d734b998c79d15602741b8c smathews> Content-Length: 54 smathews> smathews> j_username=0&j_password=qUqP5cyxm6YcTAhz05Hph5gvu9M%3D smathews> smathews> 4 - OC4J Response smathews> smathews> HTTP/1.1 100 Continue smathews> Server: Oracle9iAS (9.0.3.0.0) Containers for J2EE smathews> Date: Thu, 18 Nov 2004 10:43:47 GMT The last response means that the authentication is not completed. I'm not sure why your container responses with status 100, however, this may make your case, i.e. "unable to find line starting with HTTP". Regards, ---- Kazuhito SUGURI mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]