3 Replies Latest reply on Apr 29, 2002 7:26 AM by toben

Invalid direct reference to form login page

pandawong007 Apr 25, 2002 2:08 PM

I just switched to RC1 and im getting this error when i try to login using form based authentication. i am referencing a page inside the secure area and im not directly accessing the login.jsp page. if anyone has gotten form based authentication working with a database please help.

i have attached some files that im currently using. thanks.

1. Re: Invalid direct reference to form login page

toben Apr 26, 2002 8:42 AM (in response to pandawong007)

I have the same problem and are very interested in a solution.

regards
Actions
2. Re: Invalid direct reference to form login page

pandawong007 Apr 26, 2002 12:32 PM (in response to pandawong007)

make sure your not trying to access the login page directly. access a page in the protected area and it should auto redirect you to the loging page. if that does work, in your login page where your action is j_security_check. add
<%= response.encodeURL("j_security_check") %>.

i dont know why but it worked with out that in the previous version i was working with. but that seemed to solve it.
Actions
3. Re: Invalid direct reference to form login page

toben Apr 29, 2002 7:26 AM (in response to pandawong007)

I think since jboss3.0rc1 comes with url rewriting to provide a jsessionid the encodeUrl-call adds a jsessionid parameter and this solves our problem. in my opinion without it jboss does not recognize the right session of the request and does something we do not want.
Actions

Go to original post