-
1. Re: question about j_security_chcek
phoenix Feb 5, 2002 3:31 PM (in response to phoenix)To be more specific, I am using the JDBC realm. I use the Form authentication for all logins, and they all works. My problem is on the registration part. When I create a new user, I insert the Principal and Roles information into the Database, and try to login that new user directly, not go back to login page.
I use the LoginContext.login(), then forward to the secure page. That page can be displayed, but when I click any link to other secure pages with the same security constraint, it go back to login page. I am really confused about that? Can anyone give me a hint?
Thank you. -
2. Re: question about j_security_chcek
jleech Feb 13, 2002 6:07 PM (in response to phoenix)after creating your user, post to j_security_check with the username and password, just like your auth form does.
The class that handles the form based authentication in tomcat is org.apache.catalina.authenticator.FormAuthenticator. It sets stuff in the session after a successful authentication that you probably can't get to yourself, which is why what you're trying isn't working. -
3. Re: question about j_security_chcek
mike3 Feb 20, 2002 3:24 AM (in response to phoenix)Does this mean that in order to propagate the Principal from your LoginContext to the web container (Catalina) you need to ALWAYS use form login?
I can't see any other way to do it.
-mike
PS Manually requesting j_security_check is a large hack and not recommended by anyone ;)