Users can authenticate to the secured area of my Website using IE and Firefox; no problem
Wouldn't you know, some pesky users want to use their Macs and some are trying with Google and neither of these work. Goes straight to the not_auth.html. Please help! I'm using a simple form-based authentication method. Here's my WEB.XML (from inside the webapp, not the conf): <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> <display-name>Progressive Commerce Inc</display-name> <description> Progressive Website </description> <security-constraint> <display-name>Progressive Security Constraint</display-name> <web-resource-collection> <web-resource-name>Dealer Area</web-resource-name> <url-pattern>/catalog/dealer/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>dealer</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>dealer</role-name> </security-role> <security-constraint> <display-name>Joe Parts Security Constraint</display-name> <web-resource-collection> <web-resource-name>Joe Parts Area</web-resource-name> <url-pattern>/joeparts/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>joe</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>joe</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <realm-name>Progressive Form-Based Authentication Area</realm-name> <form-login-config> <form-login-page>/catalog/dealer_door.jsp</form-login-page> <form-error-page>/not_auth.html</form-error-page> </form-login-config> </login-config> <resource-ref> <description> jdbc/progressive </description> <res-ref-name> jdbc/progressive </res-ref-name> <res-type> javax.sql.DataSource </res-type> <res-auth> Container </res-auth> <res-sharing-scope> Shareable </res-sharing-scope> </resource-ref> <welcome-file-list> <welcome-file>index.html</welcome-file> </welcome-file-list> </web-app> Here's the code from my jsp <body bgcolor="#222324" text="#000000"> <form method="POST" action="<%= response.encodeURL("j_security_check") %>"> <p> </p> <div align="center"> </div> <table width="431" border="0" cellspacing="0" cellpadding="0"> <tr bgcolor="#FFFFFF" <td> </td> <td> <table> <tr> <td width="160"><font color="009999"><b><font face="Arial, Helvetica, sans-serif">Email Address:</font></b></font></td> <td width="147"> <input tabindex="1" type="text" name="j_username" value=" <% out.print(dlb.getEmail() + "\""); %> </td> <td width="49"> </td> </tr> <tr bgcolor="#FFFFFF"> <td width="160" height="20"><font color="009999"><b><font face="Arial, Helvetica, sans-serif">Password:</font></b></font></td> <td width="147" height="20"> <input tabindex="2" type="password" name="j_password"> </td> </tr> <tr bgcolor="#FFFFFF"> <td width="37"> </td> <td width="38"> </td> <td width="160"></td> <td width="147"> <div align="center"> <input tabindex="3" type="submit" value="Log In"> </div> </td> <td width="49"> </td> </tr> </table> </table> </form> </body> I get only two relevant (but not particularly helpful) entries in the logs: 2011-03-27 10:17:18 Commons Daemon procrun stdout initializedDealer authControl from the stdout 69.207.4.57 - - [27/Mar/2011:10:18:40 -0700] "POST /Progressive/catalog/dealer/j_security_check HTTP/1.1" 200 676 from the localhost access log