Dear all,
I'm implementing "remember me" login functionality using
FORM authentication, a LoginServlet and a Filter.
It's very much based on the code in an earlier posting to
this list
From: Raible, Matt
Subject: RE: Form based security and "Remember Me"
Date: Fri, 21 Feb 2003 07:33:22 -0800
My set up works fine when my <FORM> uses "j_security_check" as it's
action but using a redirect from a servlet seems to fail with
a 403 error. I've debugged the servlet so I know it's getting
to it and doing what I expect.
In the original mail, Matt's servlet call is...
- - - - - - - - - - - - - - - - - - - - - - - - - -
String username =
request.getParameter("j_username").toLowerCase();
String password = request.getParameter("j_password");
...
String req =
"j_security_check?j_username=" +
RequestUtils.encodeURL(username)
+ "&j_password=" +
RequestUtils.encodeURL(password);
response.sendRedirect(response.encodeRedirectURL(req));
- - - - - - - - - - - - - - - - - - - - - - - - - -
I don't have the "RequestUtils.encodeURL()" in my version.
a) Do I need them? - the html form seems for work
even if the password field is plain text when the
action is set to "j_security_check".
b) Where do I get these methods? Aren't they somewhere
in Struts? Do I really have to bring down all of that
stuff?
For completeness here's my code...
- - - - - - - - - - - - - - - - - - - - - - - - - -
String req =
"j_security_check?j_username=" +
request.getParameter("j_username")
+ "&j_password=" +
request.getParameter("j_password");
response.sendRedirect(response.encodeRedirectURL(req));
- - - - - - - - - - - - - - - - - - - - - - - - - -
Any help would be fantastic.
Best regards
Chris
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
