9 Replies Latest reply on Aug 22, 2007 10:17 AM by tl le

    Is there any way to force a user login when portal is access

    fpa1974 Newbie

      I am using JBoss 4.0.2 and JBoss portal 2.0. The question I have if there is any way to automatically redirect the user to the login page if any page at all under a portal is trying to be acessed and then, after login, redirect the user back to the intended page.

      Thanks,
      Florian

        • 1. Re: Is there any way to force a user login when portal is ac
          fpa1974 Newbie

          I also have another question kind of related. Is there a way to have different layouts (portlets in a page) for different users?

          Thanks,
          Florian

          • 2. Re: Is there any way to force a user login when portal is ac
            Doug Schnelzer Newbie

            For your first question, edit the web.xml in jboss-portal.sar/portal-server.war/WEB-INF. Change the first security constraint from

            <url-pattern>/auth/*</url-pattern>

            to
            <url-pattern>/*</url-pattern>


            • 3. Re: Is there any way to force a user login when portal is ac
              fpa1974 Newbie

              I tried to do that but the following error message comes up from tomcat:

              type Status report
              
              message /j_security_check
              
              description The requested resource (/j_security_check) is not available.
              


              Thanks,
              Florian

              • 4. Re: Is there any way to force a user login when portal is ac
                Doug Schnelzer Newbie

                If you type the URL as http://localhost:8080/portal/ (note the slash on the end, it will work). You can also modify the login form (jboss-portal.sar/portal-server.war/login.jsp) to submit the login form to "/portal/j_security_check". This is not ideal as it is not correct according to the Servlet Spec and you would have to update it if you change the portal context ... but it will get you closer to what you want.

                I think the problem is a Tomcat issue, but not positive.

                I haven't been able to correctly resolve this yet, but the work around works.

                • 5. Re: Is there any way to force a user login when portal is ac
                  fpa1974 Newbie

                  Thanks a lot for the help. It worked just fine the way you described it.

                  Now I have a different problem. In case the login fails the portal redirects you to the main page and not to an error page. I would like to have an error page (like the login screen) that gets displayed in case of a login failure. I create the missing html page that is referenced from the login form but it is not called and displayed. Any ideas on what is wrong?

                  Thanks,
                  Florian

                  • 6. Re: Is there any way to force a user login when portal is ac
                    Viet Master

                    try to add an explicit mapping in the web.xml that points to the error JSP (like there is a mapping defining an explicit mapping for the login JSP)

                    When it works could you be kind enough create a page in the wiki telling how to proceed ?

                    • 7. Re: Is there any way to force a user login when portal is ac
                      fpa1974 Newbie

                      Thanks for the suggestion. It all worked in the end.

                      I will create a page in wiki that details what needs to be done.

                      Florian

                      • 9. Re: Is there any way to force a user login when portal is ac
                        tl le Newbie

                        Hello,
                        I am using jboss portal 2.6.1
                        I followed the instruction mentioned below to force a login page but some thing doesn't quite work well.


                        By default JBoss Portal will display whatever welcome page is configured even if a user is not logged in. This page details what needs to be done in order to force the display of the login page if a user is not logged in if this behavior is desired. These instructions refer to JBoss Portal 2.0.

                        The steps are the following:

                        * Edit web.xml in jboss-portal.sar/portal-server.war/WEB-INF
                        o Change the first security constraint from <url-pattern>/auth/*</url-pattern> to <url-pattern>/*</url-pattern>. This will force the display of the login page mentioned in the <login-config> section of the web.xml (FORM authentication is assumed).
                        o Change the <form-error-page> in the <login-config> section of web.xml to point to an error page that is going to be displayed when authentication fails. Let's say that page is called badlogin.jsp. You would have then <form-error-page>/badlogin.jsp</form-error-page>.
                        o Add a new servlet mapping to web.xml. This should look like:
                        <servlet-mapping>
                        <servlet-name>jsp</servlet-name>
                        <url-pattern>/badlogin.jsp</url-pattern>
                        </servlet-mapping>

                        * Edit jboss-portal.sar/portal-server.war/login.jsp and submit the login form to /portal/j_security_check instead of j_security_check. This is not compliant with the servlet specification but it works. You would also have to change this if the root context of the portal is changed (replace portal in the string above with whatever root context you are running your portal under).


                        I created few pages and followed the steps mentioned above. When I log in, I can see all of the pages that I created with the default page as the active page in that portal. When I click on the next page, the portal does not display the content of that page. Instead, it displayed the content of the default page, even though I can see the url is pointing to the page that I just clicked on in the url location of IE 6
                        Do I miss something here or do I need to modify something else in that web.xml?

                        Thanks,

                        TL