1 Reply Latest reply on Oct 15, 2002 8:12 AM by cobraflow

    a different, different null Principal problem...

    cobraflow
    cobraflow Oct 15, 2002 6:57 AM

      A WAR contains :-

      /cs
      /jsp
      /script
      /insecure
      /login.jsp
      /error.jsp

      I secure /cs/*,/jsp/*,/script/* with auth-method FORM

      I use struts so we have /*.do to secure as well...

      I hit my welcome file in /jsp and get challenged for my login. I login successfully. I get my welcome page with a valid UserPrincipal. I hit a link to /someAction.do?params, this Forwards me to another /jsp....I now have a null UserPrincipal.

      To fix this I secure ONLY /* and everything works...

      Surely I should not have got a null UserPrincipal on a secure page! Does a Forward act differently in some way?


      Confused!

      • 1772 Views
      • Tags:
        • 1. Re: a different, different null Principal problem...
          cobraflow
          cobraflow Oct 15, 2002 8:12 AM (in response to cobraflow)

          DOH! DOH! I should have taken the 'Blue Pill'!!!

          I'm sorry, I'm having a 'senior' moment!

          You can't secure /*.do

          For any other 'older' people...

          When trying to secure Struts applications give your struts action path a prefix like '/action/some_do' then you can secure /action/*


          Sorry again


          Lewis

            • Actions