see inline
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Gerald
Gutierrez
Sent: Tuesday, February 06, 2001 12:52 AM
To: Orion-Interest
Cc: [EMAIL PROTECTED]
Subject: Form-based authentication not working right
Recently I asked about
Gerald,
I've been working with Form-based authentication for the past several weeks
on iPlanet 6.0. Looking at your web.xml deployment descriptor, it looks
like that's OK. You aren't using a user-data-constraint, but it's not
required either. Check out the J2EE specs and Blueprints for more
Are you only specifing a partial path, relying on a default page name
(index.jsp, default.jsp)? If so, in your redirect code, be specific
and specify the entire path, including the file name. You should
also be able to turn off directory browsing. I don't know how to do
this with Orion
Gerald,
I tried your exact example (see attached zipped up web app) and everything
worked just as it should (using orion 1.4.5). Once again I ask, what
happens if you remove the security and simply request the secured page?
Nick
At 03:52 PM 2/5/01 -0800, you wrote:
Recently I asked about
gerald, I have a configuration matching yours and it's working;
May I suggest a test?
If you will, add a user called 'jlorandi' and make it part of group
'myuser', and add an user 'dummy' but DON'T make him part of group 'myuser'
,then, could you please edit SecuredPage.jsp so it executes these
At 09:07 AM 2/6/2001 -0700, you wrote:
Gerald,
I tried your exact example (see attached zipped up web app) and everything
worked just as it should (using orion 1.4.5). Once again I ask, what
happens if you remove the security and simply request the secured page?
Then I get the secured page.