Hello, I am trying to understand how the built-in forms validation works in tomcat 4.03 on win.
I believe that I have my web.xml file correct, (below). All appears good. If I put in a bad username and passoword, I go to the error page, but if I successed, it throws up an error, [Invalid direct reference to form login page]. Which makes sense, I guess it is submitting it back and the URL shows [http://localhost/altercast/j_security_check] How do I forward the user to a good login page, if they pass the basic authentication? My page is /loginpage.html // here it is: <FORM METHOD=POST ACTION=j_security_check> <P><INPUT TYPE=TEXT NAME="j_username" VALUE="" SIZE=15> <P><INPUT TYPE=PASSWORD NAME="j_password" VALUE="" SIZE=15> <INPUT TYPE=submit VALUE=" OK "> Thanks, <security-constraint> <web-resource-collection> <web-resource-name>SecretProtection</web-resource-name> <url-pattern>/servlet/SalaryServlet</url-pattern> <url-pattern>/servlet/secret</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <web-resource-collection> <web-resource-name>AuthenticationSnoop</web-resource-name> <url-pattern>/servlet/AuthenticationSnoop</url-pattern> <http-method>GET</http-method> </web-resource-collection> <web-resource-collection> <web-resource-name>loginpage.html</web-resource-name> <url-pattern>/altercast/loginpage.html</url-pattern> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>manager</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/loginpage.html</form-login-page> <form-error-page>/errorpage.html</form-error-page> </form-login-config> </login-config> <security-role> <role-name>manager</role-name> </security-role> Scott Purcell | Developer | VERTIS | 555 Washington Ave. 4th Floor | St. Louis, MO 63101 | T 314.588.0720 | F 314.588.0735 | [EMAIL PROTECTED] | http://www.vertisinc.com Vertis is a global powerhouse for integrated marketing and advertising solutions that seamlessly combine advertising, direct marketing, media, imaging and progressive technology. Vertis' products and services include: consumer and media research, media planning and placement, creative services, digital media production, targetable insert programs, fully integrated direct marketing programs, circulation-building newspaper products and eMarketing. -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>