-
1. Re: j_security check error, migrating from 3.0.3 to 3.2.5
haobaba1 Oct 5, 2004 10:13 AM (in response to dlastoria)The security mechanism does not want the user to go directly to the login page. What you need to do is make sure that the user was forwarded to the login page by the application server. I have seen people put scriptlets in the login page which check to see if the session is new and then redirect to a protected resource if it is. This will cause the servlet container to then redirect back to the login page. What I did was make my page protected and then it forwards to the login page immediately if the user is not logged in. Hope that helps.
-
2. Re: j_security check error, migrating from 3.0.3 to 3.2.5
haobaba1 Oct 5, 2004 10:14 AM (in response to dlastoria)correction: What I did was make my welcome page protected .....
-
3. Re: j_security check error, migrating from 3.0.3 to 3.2.5
dlastoria Oct 5, 2004 10:17 AM (in response to dlastoria)Thanks for your response. The user accesses the webpage by going to the context-root, which then display the login form webpage. I enter the credentials, which it validates. Then when it is forwarding/redirecting to the appropriate page I get this error message.
I have no problems with this under JBoss 3.0.3. Under that version I was using Jetty and now it is Tomcat. Perhaps there is a setting that I am not considering. -
4. Re: j_security check error, migrating from 3.0.3 to 3.2.5
haobaba1 Oct 5, 2004 1:16 PM (in response to dlastoria)"dlastoria" wrote:
Thanks for your response. The user accesses the webpage by going to the context-root, which then display the login form webpage. I enter the credentials, which it validates. Then when it is forwarding/redirecting to the appropriate page I get this error message.
I have no problems with this under JBoss 3.0.3. Under that version I was using Jetty and now it is Tomcat. Perhaps there is a setting that I am not considering.
is your login page index.jsp or another file that is set up as the welcom page in your web.xml. If so, then that would be the problem. You would need to have the user requesting a protected resource to trigger the authentication process. -
5. Re: j_security check error, migrating from 3.0.3 to 3.2.5
dlastoria Oct 5, 2004 1:38 PM (in response to dlastoria)This is very possibly the problem. I added the security page to Tomcat's web.xml. Like this:
<welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>/cm/login.jsp</welcome-file> </welcome-file-list> "./deploy/jbossweb-tomcat50.sar/web.xml" 933L, 38241C written
However I am still having the same problem. After it validates the credentials it gives the same error message above when trying to redirect to:
https://www.companyname.com/cm/j_security_check -
6. Re: j_security check error, migrating from 3.0.3 to 3.2.5
dlastoria Oct 14, 2004 10:11 AM (in response to dlastoria)Any other ideas?
-
7. Re: j_security check error, migrating from 3.0.3 to 3.2.5
dlastoria Oct 19, 2004 9:44 AM (in response to dlastoria)This is still affecting us in production. Appreciate any and all help! Thanks!
-
8. Re: j_security check error, migrating from 3.0.3 to 3.2.5
starksm64 Oct 19, 2004 2:12 PM (in response to dlastoria)Create a bug report on sourceforge with a sample war that demonstrates the problem.
http://sourceforge.net/tracker/?group_id=22866&atid=376685 -
9. Re: j_security check error, migrating from 3.0.3 to 3.2.5
asduarte Dec 22, 2004 11:15 AM (in response to dlastoria)I had the same problem, I solved changing the action like below:
<form action="<%=response.encodeURL("j_security_check")%>" method="POST">
Cookies was turned off...