I came across this exact problem. In the mailing archives the
recommendation is to remove the action=j_security_check from the login
form.
Here's what I did to implement the system:
1. created a index.jsp in the non protected folder. It contains a redirect
Second try:
I came across this exact problem. In the mailing archives the
recommendation is to remove the action=j_security_check from the login
form.
Here's what I did to implement the system:
1. created a index.jsp in the non protected folder. It contains a redirect
If you're using sessions you can use a HttpSessionListener that
implements sessionCreated.
/Marcus
On Mon, 2002-02-25 at 21:21, Christian, Joanne wrote:
Hi Everyone,
This is another newbie question.
Can I extend j_security_check? I need to perform some additional setup
upon user
I am having the same problem. I have noticed that it seems to only happen
when using a Servlet. If the protected resource is a JSP it doesn't seem to
happen.
-Original Message-
From: Mulder, Frans [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 9:51 AM
To:
I think there is a better way to do this
If you have username/password information and want to login your users, use
a servlet...like /login.
Then use the normal roleManager method to login your user programatically.
If the login fails, you can return nicely to the external url from the
-Interest
Subject: RE: j_security_check
I've not tried this but I doubt it will work.
1. Since this is dubbed 'Container based authentication' in the J2EE spec,
and you're posting from outside the container, I would guess it won't work.
2. Since you are not authenticated when you are trying to post
yes, I get that too. Solved by removing j_security_check from the login
page's action, leaving it empty.
Regrettably, that's outside of the spec. Also, since that began to happen,
whenever there's a failed login, instead of showing the login-error-page,
the login-page is shown again. I think one
