[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Hi guys, I don't think this is the intended TRACE that anil wanted me to set up, but it may be useful in trying to diagnose the problem... Here is a section of the server.log from the login form, a successful login and then a redirect to index.jsp (my landing page once logged in). anonymous wro

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Guys, This is starting to drive me crazy now, big time! (j2ee_junkie) - YES, I NEED A WAY TO ACCESS THE USERNAME AND PASSWORD AFTER A USER HAS SUCCESSFULLY LOGGED IN !! Here's the state of play: I now have both the ExtendedFormAuthenticator and the FormAuthValve defined in my app's context.x

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread [EMAIL PROTECTED]
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ Point 14. Try the FormAuthValve...

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread j2ee_junkie
Paul, See my comments in my last post. The ExtendedFormAuthenticator is not what I think you want to use. To demonstrate that, I am looking at your log output that shows you ('pander') successfully logging in. As I mentioned, the valve does not put the username (and password) in session if

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Hi junkie, Sorry... didn't see your post with the 'a' and 'b' parts... So, are you saying then that the ExtendedFormAuthenticator will ONLY put j_username and j_password in the session if the user is redirected to the login error page? What is the point of that? That's not how I interpreted i

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Anil, Thank you for your help. Unfortunately, though, I think it is not working correctly, as I get a series of errors when starting my server to do with LOG4J. I think this is a known bug... it happens on a straight out the box download of jboss 4.04... which is what I am running. The error re

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Hm, the plot thickens, junkie... I just uncommented the request dumper in the tomcat server.xml file and when I check the server.log I cannot see ANY mention of ExtendedFormAuthenticator; it only shows FormAuthenticator. Snippet below... anonymous wrote : 2006-05-31 17:35:52,687 DEBUG [

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread [EMAIL PROTECTED]
Add the following to your log4j.xml | | | | Now in your server.log, you should see log entries under the "FormAuthValve" name (We had a logger copy/paste error)

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
Ok, I found what you suggested to look for and there were 4 links there. jboss.web:type=Valve,name=JaccContextValve,path=/AMI,host=localhost jboss.web:type=Valve,name=ExtendedFormAuthenticator,path=/AMI,host=localhost jboss.web:type=Valve,name=SecurityAssociationValve,path=/AMI,host=localhost

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread j2ee_junkie
Paul, One thing I failed to mention before is that the use of this valve is only to put these (i.e. j_username, and j_password) parameters in the session scope if a.) they were passed in as form parameters to the login form and b.) if the user was forwarded to the login error page. I just reali

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread j2ee_junkie
Paul, Sorry if I was too vague. You would be looking for an mbean under jboss.web that is something like J2EEApplication=none,J2EEServer=none,j2eeType=WebModule,name=//localhost/your_app. Look for the valveObjectNames attribute of this mbean. You should see a list of all the valves added to th

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread pander
hi j2ee_junkie, Are you able to offer any further assistance? I am not exactly sure what I am looking for in the jmx-console... it's a little confusing. I can see there are some links under jboss.web that contain the word ExtendedFormAuthenticator and also my webapp name "AMI" The links are: h

[JBoss-user] [Security & JAAS/JBoss] - Re: Am I missing a trick?

2006-05-31 Thread j2ee_junkie
Hey Paul, Accessing the Subject (like you have done below) is great for getting the username principal and role principals, but I do not think you can get the password. So your best bet is to get the valve working. Verify that the valve has been added to your web app's pipeline. This is vis