0 Replies Latest reply on Apr 11, 2009 10:39 AM by kazan77777

    Forms Authtentication not forwarding to correct page.

      I am implementing forms authentication, but after I login I am forwarded to my .css file.

      If I launch my web browser and type in something like this:
      http://localhost/intranet/projects.faces

      I am forwarded to my login page. I proceed to enter my credentials, then hit submit.

      Jboss authenticates me. However, I am forward to my applications .css file, which resides in intranet/css.

      This doesn't make any since to me. I am expecting it to forward to the intended url, which is http://localhost/intranet/projects.faces.

      I am using JBoss 5.0.1.

      Can someone give me a hand?

      My login config is like this:

      <application-policy name="other">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
       <module-option name="dsJndiName">java:/MySqlDS</module-option>
       <module-option name="principalsQuery">
       SELECT
       password
       FROM
       appuser
       WHERE
       user_name=?
       </module-option>
       <module-option name="rolesQuery">
       SELECT
       'APPUSER' role_name,
       'Roles'
       FROM
       appuser u
       WHERE
       u.user_name=?
       </module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      My web.xml has this:
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Protected Area</web-resource-name>
       <url-pattern>/*</url-pattern>
       <http-method>DELETE</http-method>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       <http-method>PUT</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>APPUSER</role-name>
       </auth-constraint>
       </security-constraint>
       <login-config>
       <auth-method>FORM</auth-method>
       <form-login-config>
       <form-login-page>/login.faces</form-login-page>
       <form-error-page>/login.faces</form-error-page>
       </form-login-config>
       </login-config>
       <security-role>
       <role-name>APPUSER</role-name>
       </security-role>