Hi evreybody, I need your help!
I'm trying to integrate OpenKM, a jboss-based application, behind a revese-proxy managing SSO forward (i.e: manages users authentication once time and propagates authentication on secured applications). Here are some indications: OpenKM form login is composed of two fields : - one for username, j_username - one for password, j_password (- and one submit button with "Login" as default value) OpenKM form login action is /OpenKM/j_security_check Of course, direct login (i.e. without passing through reverse-proxy) works fine. Suppose I'm a trusted user (X.509 certificates checking validated) who is trying to connect to https://openkm.mycompany.com. Reverse-proxy authenticates me and then send itself my login/password for to protected OpenKM back-end sever, for example: john/doo. This last operation consits to send from the reverse-proxy a POST request to /OpenKM/j_security_check with j_username=john&j_password=doo&submit=Login Unfortunately reverse-proxy receives the following error: HTTP Status 400 - Invalid direct reference to form login page Then reverse-proxy is redirected to the authentication page. However authentication has succeeded since if I reload the authentication page (this one where I've been redirected) I'm redirected to OpenKM user interface and OpenKM works finally fine. (I hope I'm clear...) I ensure you I've got other secured applications behing the reverse proxy which work fine. So my questions are: - how to disable this behavior? Is there the possibility to fix my problem? - If yes, what files have to edit? With what parameters? (...) I thank you in advance for your help. Regards, John. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224412#4224412 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4224412 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user