3 Replies Latest reply on Apr 1, 2002 1:20 PM by johnnycannuk

Bad redirection in form based authentification

paja Mar 28, 2002 1:00 PM

Iam using then form- based authentification.
web.xml is ok, database is ok. But I have a problem.

If I am using a simple login.jsp script:

<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
Username:
Password:

It works perfectly, but if I try include some other file or for example some css styles, then after authentification the page is redirected on the css style.
I need to redirect to index.jsp. Could somebody me?

This works bad:

<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
Username:
Password:

I am redirected to http://localhost:8080/resources.styly.css

do somebody knows why?

1. Re: Bad redirection in form based authentification

johnnycannuk Mar 28, 2002 1:48 PM (in response to paja)

Your style sheets are in the protected area aren't they?

The J_Secutity_check will try to re-direct you to the last secured url your page tried to access....in this case the stylesheet for the login page itself. If you put a copy of the style sheet outside the secured area for the login, it should work.

Mike
Actions
2. Re: Bad redirection in form based authentification

paja Mar 29, 2002 7:18 AM (in response to paja)

Ok I created new module "authentification" and i moved all the required files there. How can I set that this modul is not secured? Than you very much. Paja.
Actions
3. Re: Bad redirection in form based authentification

johnnycannuk Apr 1, 2002 1:20 PM (in response to paja)

What does your Security contrriants in you web.xml look like? If the URL pattern is /* then clearly your /resources/style.css is in the protected area (/* matches with /resources).

Simply make your security contraint witha URL patter n like /secure/* and place your ligin .jsp and style sheets out side of this directory
Actions

Go to original post