problem in FORM authentication
I'm using tomcat 4.1.27. I authenticate with FORM login and I get 400 error: The request sent by the client was syntactically incorrect (Invalid direct reference to form login page). when I try to get a page with security constraints Tomcat show me the login page (action = j_security_check , etc). I authenticate but Tomcat give me 400 error code. where to find the error ? From %CATALINA_HOME%\logs\catalina_log.-mm-dd.txt user results to be authenticated correctly but it doesn't show me the page I requested. what about j_security_check ?? Please, help me. FB.
RE: problem in FORM authentication
If searching the archives of this list don't help, try posting a trimmed down version of your server.xml (probably just the host or even just your relevent Context tag if you have one) and your auth setup from your web.xml and the structure of your web-app (in case it is non-standard which may cause problems). But you are saying after you get this error page you are authenticated and can access the protected area? -Original Message- From: Fabio Bazzani [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 3:17 PM To: Tomcat Users List Subject: problem in FORM authentication I'm using tomcat 4.1.27. I authenticate with FORM login and I get 400 error: The request sent by the client was syntactically incorrect (Invalid direct reference to form login page). when I try to get a page with security constraints Tomcat show me the login page (action = j_security_check , etc). I authenticate but Tomcat give me 400 error code. where to find the error ? From %CATALINA_HOME%\logs\catalina_log.-mm-dd.txt user results to be authenticated correctly but it doesn't show me the page I requested. what about j_security_check ?? Please, help me. FB. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: problem in FORM authentication
form-error-page/logIn/logIn-error.jsp/form-error-page /form-login-config /login-config security-role descriptiondoctor role/description role-namedoctor/role-name /security-role security-role descriptionpatient role/description role-namepatient/role-name /security-role . - - Original Message - From: Madere, Colin [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Thursday, September 11, 2003 9:36 PM Subject: RE: problem in FORM authentication If searching the archives of this list don't help, try posting a trimmed down version of your server.xml (probably just the host or even just your relevent Context tag if you have one) and your auth setup from your web.xml and the structure of your web-app (in case it is non-standard which may cause problems). But you are saying after you get this error page you are authenticated and can access the protected area? YES -Original Message- From: Fabio Bazzani [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 3:17 PM To: Tomcat Users List Subject: problem in FORM authentication I'm using tomcat 4.1.27. I authenticate with FORM login and I get 400 error: The request sent by the client was syntactically incorrect (Invalid direct reference to form login page). when I try to get a page with security constraints Tomcat show me the login page (action = j_security_check , etc). I authenticate but Tomcat give me 400 error code. where to find the error ? From %CATALINA_HOME%\logs\catalina_log.-mm-dd.txt user results to be authenticated correctly but it doesn't show me the page I requested. what about j_security_check ?? Please, help me. FB. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: problem in FORM authentication
Ok, there is probably an issue with having your login pages not in the webapp they are used for. Move them into the app directory they are used for and that might fix it. There's a lot of goofiness in this area and unfortunately no clean way to share login/logout pages amongst multiple webapps. -Original Message- From: Fabio Bazzani [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 4:07 PM To: Tomcat Users List Subject: Re: problem in FORM authentication These are my steps: 1) I just call index.jsp 2) click on my link (/prenotazione/index.jsp) 3) tomcat give me logIn.jsp 4) I correctly authenticate (I saw in catalina_log.-mm-dd.txt) 5) The request sent by the client was syntactically incorrect (Invalid direct reference to form login page). --- webapps/index.jsp -- where I call /prenotazione/index.jsp webapps/prenotazione/index.jsp webapps/logIn/logIn.jsp webapps/logIn/logIn-error.jsp -- From server.xml : Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true !-- Valve className=org.apache.catalina.authenticator.SingleSignOn debug=0/ -- !-- Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=localhost_access_log. suffix=.txt pattern=common resolveHosts=false/ -- Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true/ !-- Tomcat Root Context -- !-- Context path= docBase=ROOT debug=0/ -- !-- context added for Web CUP project -- Context path=/webcup docBase=C:\Projects\WEBCUP\WebCup-app\webapps debug=0 reloadable=true crossContext=true Logger className=org.apache.catalina.logger.FileLogger prefix=localhost_webcup_log. suffix=.txt timestamp=true/ Resource name=jdbc/webcup auth=Container type=javax.sql.DataSource/ ResourceParams name=jdbc/webcup parameter namefactory/name valueorg.apache.commons.dbcp.BasicDataSourceFactory/value /parameter !-- Maximum number of dB connections in pool. Make sure you configure your mysqld max_connections large enough to handle all of your db connections. Set to 0 for no limit. -- parameter namemaxActive/name value100/value /parameter !-- Maximum number of idle dB connections to retain in pool. Set to 0 for no limit. -- parameter namemaxIdle/name value30/value /parameter !-- Maximum time to wait for a dB connection to become available in ms, in this example 10 seconds. An Exception is thrown if this timeout is exceeded. Set to -1 to wait indefinitely. -- parameter namemaxWait/name value1/value /parameter !-- MySQL dB username and password for dB connections -- parameter nameusername/name valueadmin/value /parameter parameter namepassword/name valuemysql/value /parameter !-- Class name for mm.mysql JDBC driver -- parameter namedriverClassName/name valueorg.gjt.mm.mysql.Driver/value /parameter !-- The JDBC connection url for connecting to your MySQL dB. The autoReconnect=true argument to the url makes sure that the mm.mysql JDBC Driver will automatically reconnect if mysqld closed the connection. mysqld by default closes idle connections after 8 hours. -- parameter nameurl/name valuejdbc:mysql://localhost:3306/webcup?autoReconnect=true/value /parameter /ResourceParams /Context /Host -- from web.xml : .. security-constraint web-resource-collection web-resource-nameWeb CUP: pagina di prenotazione e registrazione/web-resource-name url-pattern/prenotazione/*/url-pattern url-pattern/disponibilita/*/url-pattern http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint role-namepatient/role-name role-namedoctor/role-name /auth-constraint /security-constraint security-constraint web-resource-collection web-resource-nameWeb CUP: pagina di accettazione visita da parte dei dottori/web-resource-name url-pattern/dottori/*/url-pattern