6 Replies Latest reply on Nov 9, 2004 12:18 PM by victorl

Problem with j_security_check, Form Login and Filter

victorl Nov 5, 2004 4:32 PM

Hi all,

I have a Form for login and its html snippet is:

form method="post" action="/myApp/j_security_check"
Userid:<input type="text" name="j_username"
Password:<input type="password" name="j_password"
....

There is a Filter and its deployment descriptor is:

<filter-name>LogginFilter</filter-name>
<display-name>Loggin Filter</display-name>
<filter-class>controller.LogginFilter</filter-class>

<filter-mapping>
<filter-name>LogginFilter</filter-name>
<url-pattern>/j_security_check</url-pattern>
</filter-mapping>

But I can see that the HTTP Request from the Web Form does not invoke the LogginFilter and the result page is a HTTP Status 403 - Access to the requested resource has been denied.

I have read JAAS HOWTO but I cannot find the problem.
Is j_security_check supported on jboss 3.2.6 and jboss 4.0 ?

Any help would be greatly appreciated.
All the best,

Victor

1. Re: Problem with j_security_check, Form Login and Filter

starksm64 Nov 5, 2004 5:09 PM (in response to victorl)

Filters cannot intercept the j_security_check action as they are applied after authentication.
Actions
2. Re: Problem with j_security_check, Form Login and Filter

victorl Nov 5, 2004 7:14 PM (in response to victorl)

Hi Scott,

Thank you very much for your response.

In websphere this run without problem and the filter is called before j_security_chech and from the filter via chain.doFilter(...) I can invoke j_security_check.

Is there any way in JBoss to use j_security_check ?

Thanks in advance. Regards,

Victor
Actions
3. Re: Problem with j_security_check, Form Login and Filter

starksm64 Nov 8, 2004 12:52 PM (in response to victorl)

No, not without writing your own custom org.apache.catalina.authenticator.FormAuthenticator that allows for this.
Actions
4. Re: Problem with j_security_check, Form Login and Filter

victorl Nov 8, 2004 1:46 PM (in response to victorl)

Hello Scott, thank you very much once again.

I eliminated the filter and the loggin process against iPlanet LDAP is done, but I get the following message:

HTTP Status 403 Access to the specified resource (Access to the requested resource has been denied) has been forbidden.

And the protected jsp is not displayed.

Do you know where is the trouble ?

Thank you very much.
All the best,

Victor
Actions
5. Re: Problem with j_security_check, Form Login and Filter

claudio4j Nov 8, 2004 8:19 PM (in response to victorl)

"victorl" wrote:

I eliminated the filter and the loggin process against iPlanet LDAP
is done, but I get the following message:

HTTP Status 403
Access to the specified resource
(Access to the requested resource has been denied) has been forbidden.

See the iDS Log and look whos is trying to do the BIND to iDS.

The post below, is something related.

http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3854364

Claudio Miranda
Actions
6. Re: Problem with j_security_check, Form Login and Filter

victorl Nov 9, 2004 12:18 PM (in response to victorl)

Hi Claudio,

Thank you very much for your response.
I followed your example and login to LDAP is now OK !!!!!!!!! :-))

Thanks once again. God bless you !!
All the best. Regards,

Victor
Actions

Go to original post