Dear all, I'm implementing "remember me" login functionality using FORM authentication, a LoginServlet and a Filter. It's very much based on the code in an earlier posting to this list
From: Raible, Matt Subject: RE: Form based security and "Remember Me" Date: Fri, 21 Feb 2003 07:33:22 -0800 My set up works fine when my <FORM> uses "j_security_check" as it's action but using a redirect from a servlet seems to fail with a 403 error. I've debugged the servlet so I know it's getting to it and doing what I expect. In the original mail, Matt's servlet call is... - - - - - - - - - - - - - - - - - - - - - - - - - - String username = request.getParameter("j_username").toLowerCase(); String password = request.getParameter("j_password"); ... String req = "j_security_check?j_username=" + RequestUtils.encodeURL(username) + "&j_password=" + RequestUtils.encodeURL(password); response.sendRedirect(response.encodeRedirectURL(req)); - - - - - - - - - - - - - - - - - - - - - - - - - - I don't have the "RequestUtils.encodeURL()" in my version. a) Do I need them? - the html form seems for work even if the password field is plain text when the action is set to "j_security_check". b) Where do I get these methods? Aren't they somewhere in Struts? Do I really have to bring down all of that stuff? For completeness here's my code... - - - - - - - - - - - - - - - - - - - - - - - - - - String req = "j_security_check?j_username=" + request.getParameter("j_username") + "&j_password=" + request.getParameter("j_password"); response.sendRedirect(response.encodeRedirectURL(req)); - - - - - - - - - - - - - - - - - - - - - - - - - - Any help would be fantastic. Best regards Chris --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]