I had the same problem and did the following .. <form method="POST" action='<%= response.encodeURL("j_security_check") %>' > <tr><td colspan="2"></td></tr> <tr><td><bean:message key="login.page.form.email.label"/></td><td><input type="text" name="j_username"></td></tr> <tr><td><bean:message key="login.page.form.password.label"/></td><td><input type="password" name="j_password"></td></tr> <tr><td colspan="2"><html:submit><bean:message key="login.page.form.submit.label"/></html:submit></td></tr> </form>
-----Original Message----- From: Eddie Bush [mailto:[EMAIL PROTECTED]] Sent: September 25, 2002 11:03 AM To: Struts Users Mailing List Subject: Re: Logout in a container-managed security environment -- Follow-up Charles, I don't remember the solution to this. The guys on tomcat-user will probably tell you to search the archive. The issue that arises (using Apache/TC) is that you have to map things you want the servlet container to be responsible for (unless you use mod_webapp; I do not recommend this approach - stick with jk). Play around with adding a mapping for j_security_check. When you figure it out, please post it here or directly to me :-) I'll squirrel it off somewhere so I have it for reference the next time someone asks. You might *try* looking through the TC docs before you start aimlessly trying different mappings. I seem to recall Remmy changed the docs up a bit, and they looked much better - but I honestly do not recall if the solution to this problem is included nowadays. Sorry I wasn't more help. Charles McClain wrote: >All: > >I received several replies to my original question, all of which >indicated that, in order to do a forceful logout, I needed to use >FORM-based CMA rather than BASIC. One of the replies recommended an >article on the topic, which I downloaded and read. > >I implemented FORM-based authentication, making the changes to my >web.xml, indicating the login form and error page, etc. The container >(Tomcat 4.0) seems to know that I want FORM-based authentication, since >it pops up my login page. I did, by the way, include the fields >j_username and j_password, and my form action is j_security_check, as >per the instructions. > >However, when I press the submit button, my browser gives me a 404 >not-found error on the (nonexistent, of course) page j_security_check. >I've checked the Apache and Tomcat logs, and one of the Tomcat logs >tells me that it has "Configured an authenticator for method FORM", but >it still seems to be looking for a page by that name rather than >invoking the method. > >Anyone have any ideas? > >Charles McClain >Phone: 603.659.2046 >email: [EMAIL PROTECTED] > -- Eddie Bush -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>