Flavio, I've no idea what would cause the exception. It looks like you're using Jetty. I've used the auth fw with cocoon 2.1.3 under tomcat 4.1.27 and the redirects worked fine. Maybe there's some issue with redirects under Jetty? Maybe you could try running under tomcat and see what happens?
Morley > -----Original Message----- > From: Flavio Palumbo [mailto:[EMAIL PROTECTED] > Sent: Thursday January 29, 2004 8:05 AM > To: [EMAIL PROTECTED] > Subject: RE: problem with authentication > > > Hi Morley, > > thanks for your replay, i got it. > > i was misteking many things in the XSP code. > > now it works and i can authenticate the user against the DB table > as i hoped. > > making more tests, i tried to point directly a page in the protected area > without authenticate myself, where i thought i'd be redirected to > the login > page ; instead i get an exception > java.lang.ArrayIndexOutOfBoundsException. > > have you any suggestion ? below are the stack trace and the new sitemap. > > thanks a lot > > Flavio > > java.lang.ArrayIndexOutOfBoundsException > at java.lang.System.arraycopy(Native Method) > at > org.mortbay.util.ByteBufferOutputStream.prewrite(ByteBufferOutputS > tream.java:219) > at > org.mortbay.http.BufferedOutputStream.flush(BufferedOutputStream.java:187) > at > org.mortbay.http.ChunkingOutputStream.flush(ChunkingOutputStream.java:69) > at > org.mortbay.http.HttpOutputStream.flush(HttpOutputStream.java:482) > at org.mortbay.http.HttpResponse.commit(HttpResponse.java:501) > at org.mortbay.http.HttpResponse.sendRedirect(HttpResponse.java:463) > at > org.mortbay.jetty.servlet.ServletHttpResponse.sendRedirect(Servlet > HttpResponse.java:432) > at > org.apache.cocoon.environment.http.HttpResponse.sendRedirect(HttpR > esponse.java:132) > at > org.apache.cocoon.environment.http.HttpEnvironment.doRedirect(Http > Environment.java:192) > at > org.apache.cocoon.environment.http.HttpEnvironment.redirect(HttpEn > vironment.java:131) > at > org.apache.cocoon.environment.ForwardRedirector.globalRedirect(For > wardRedirector.java:131) > at > org.apache.cocoon.webapps.authentication.components.DefaultAuthent > icationManager.checkAuthentication(DefaultAuthenticationManager.java:373) > at > org.apache.cocoon.webapps.authentication.acting.AuthAction.act(Aut > hAction.java:102) > at > org.apache.cocoon.components.treeprocessor.sitemap.ActTypeNode.inv > oke(ActTypeNode.java:152) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:84) > at > org.apache.cocoon.components.treeprocessor.sitemap.PreparableMatch > Node.invoke(PreparableMatchNode.java:164) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:108) > at > org.apache.cocoon.components.treeprocessor.sitemap.PipelineNode.in > voke(PipelineNode.java:163) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:108) > at > org.apache.cocoon.components.treeprocessor.sitemap.PipelinesNode.i > nvoke(PipelinesNode.java:152) > at > org.apache.cocoon.components.treeprocessor.TreeProcessor.process(T > reeProcessor.java:354) > at > org.apache.cocoon.components.treeprocessor.TreeProcessor.process(T > reeProcessor.java:307) > at > org.apache.cocoon.components.treeprocessor.sitemap.MountNode.invok > e(MountNode.java:133) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:84) > at > org.apache.cocoon.components.treeprocessor.sitemap.PreparableMatch > Node.invoke(PreparableMatchNode.java:164) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:108) > at > org.apache.cocoon.components.treeprocessor.sitemap.PipelineNode.in > voke(PipelineNode.java:163) > at > org.apache.cocoon.components.treeprocessor.AbstractParentProcessin > gNode.invokeNodes(AbstractParentProcessingNode.java:108) > at > org.apache.cocoon.components.treeprocessor.sitemap.PipelinesNode.i > nvoke(PipelinesNode.java:152) > at > org.apache.cocoon.components.treeprocessor.TreeProcessor.process(T > reeProcessor.java:354) > at > org.apache.cocoon.components.treeprocessor.TreeProcessor.process(T > reeProcessor.java:307) > at org.apache.cocoon.Cocoon.process(Cocoon.java:656) > at > org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:1112) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) > at > org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:360) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplic > ationHandler.java:294) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:558) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1714) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicat > ionContext.java:507) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1664) > at org.mortbay.http.HttpServer.service(HttpServer.java:863) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:775) > at > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:939) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:792) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:201) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:289) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:455) > > SITEMAP --------------------------------------------------------------- > > <map:pipelines> > > <map:component-configurations> > <authentication-manager> > <handlers> > <handler name="protArea"> > <redirect-to uri="cocoon:/login"/> > <authentication uri="cocoon:raw:/authenticate"/> > </handler> > </handlers> > </authentication-manager> > </map:component-configurations> > > <map:pipeline> > > <map:match pattern=""> > <map:redirect-to uri="login"/> > </map:match> > > <!-- <map:match pattern="authenticate"> > <map:generate type="serverpages" src="docs/autenticaLogin.xsp"/> > <map:parameter name="use-request-parameters" value="true"/> > <map:transform src="stylesheets/autentica.xsl"/> > <map:serialize type="xml"/> > </map:match> --> > > > <!-- ================= --> > <!-- Simple login page --> > <!-- ================= --> > <map:match pattern="login"> > <!-- if we are already logged in, redirect to the > protected document > --> > <map:act type="auth-loggedIn"> > <map:parameter name="handler" value="protArea"/> > <map:redirect-to uri="protected/home"/> > </map:act> > <map:generate src="docs/login.xml"/> > <map:transform src="stylesheets/simple-page2html.xsl"/> > <map:transform type="encodeURL"/> > <map:serialize/> > </map:match> > > <!-- ========================================= --> > <!-- Form target which performs auth service --> > <!-- ========================================= --> > <map:match pattern="do-login"> > <!-- try to login --> > <map:act type="auth-login"> > <map:parameter name="handler" value="protArea"/> > <map:parameter name="parameter_name" > value="{request-param:username}"/> > <map:redirect-to uri="protected/home"/> > </map:act> > <!-- something was wrong, try it again --> > <map:redirect-to uri="login"/> > </map:match> > > <!-- ================ --> > <!-- Protected area --> > <!-- ================ --> > <map:match pattern="protected/**"> > <map:act type="auth-protect"> > <map:parameter name="handler" value="protArea"/> > > <map:match pattern="protected/home"> > <map:generate src="docs/home.xml"/> > <map:transform type="session"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:transform type="encodeURL"/> > <map:serialize/> > </map:match> > > <map:match pattern="protected/*-operaz.html"> > <map:act set="process"> > <map:parameter name="descriptor" > value="context://riskIdem/docs/operaz-form.xml"/> > <map:generate type="serverpages" > src="docs/conferma-operaz.xsp"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:serialize/> > </map:act> > <map:generate type="serverpages" src="docs/{1}-operaz.xsp"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:serialize/> > </map:match> > > > <map:match pattern="protected/*-openp.html"> > <map:generate type="serverpages" src="docs/{1}-openp.xsp"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:serialize/> > </map:match> > > <map:match pattern="protected/Ricerca-*.html"> > <map:generate type="serverpages" src="docs/Ricerca-{1}.xsp"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:serialize/> > </map:match> > > <map:match pattern="protected/images/**.gif"> > <map:read src="resources/images/{1}.gif" > mime-type="image/gif"/> > </map:match> > > <map:match pattern="protected/images/**.jpg"> > <map:read src="resources/images/{1}.jpg" > mime-type="image/jpg"/> > </map:match> > > <map:match pattern="protected/images/**.png"> > <map:read src="resources/images/{1}.png" > mime-type="image/png"/> > </map:match> > > <map:match pattern="protected/resources/**.css"> > <map:read src="resources/styles/{1}.css" > mime-type="text/css"/> > </map:match> > > <map:match pattern="protected/resources/**.js"> > <map:read src="resources/styles/{1}.js" > mime-type="application/x-javascript"/> > </map:match> > > </map:act> > > <!-- something was wrong, redirect to login page --> > <map:redirect-to uri="login"/> > </map:match> > > <!-- ========================================= --> > <!-- Logout link which invalidates the session --> > <!-- ========================================= --> > <map:match pattern="do-logout"> > <map:act type="auth-protect"> > <map:parameter name="handler" value="protArea"/> > > <map:act type="auth-logout"/> > </map:act> > <map:redirect-to uri="login"/> > </map:match> > </map:pipeline> > > <map:pipeline internal-only="true"> > <map:match pattern="authenticate"> > <map:generate type="serverpages" src="docs/autenticaLogin.xsp"/> > <map:parameter name="use-request-parameters" value="true"/> > <map:transform src="stylesheets/autentica.xsl"/> > <map:serialize type="xml"/> > </map:match> > > <!-- <map:handle-errors> > <map:transform src="stylesheets/system/error2document.xsl"/> > <map:transform src="stylesheets/apache.xsl"/> > <map:serialize status-code="500"/> > </map:handle-errors> --> > > </map:pipeline> > <!-- <map:match pattern="authenticate"> > <map:generate src="docs/userlist.xml"/> > <map:transform src="stylesheets/authenticate.xsl"> > <map:parameter name="use-request-parameters" value="true"/> > </map:transform> > <map:serialize type="xml"/> --> > </map:pipelines> > > </map:sitemap> > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]