3 Replies Latest reply on Aug 19, 2002 3:29 PM by Dmitry

    j_security_check redirecting to error.jsp

    Dmitry Newbie

      I thought I had j_security_check form working for a while,
      for what ever reason, now it started to behave strange:
      even when the user login succeeds I'm still redirects to the error.jsp. But the user actually loggs in, all the protected resources become available.

      Hoping that someone already has a strait answer.

      Thanks.


      P.S. When I was trying to post this message last night, I could not login to the jboss.org. Who knows, it might something to do with the time of the day ;)

        • 1. Re: j_security_check redirecting to error.jsp
          Dmitry Newbie

          Just want to clarify some things,

          in web.xml there is a <form-login-page> element as well as <form-error-page> in <form-login-config> section. I'm wondering, what is the standard behaiviour (by the spec or what ever) in case the login suceeds, what page does it suppose to go?

          In case I was accessing protected resource, after successfull authentication it returns back to the resource (protected) that was requested.
          In case I went directly to login page (so that all protected resources become available by default), I always get redirected to the form-error-page.

          What would be a work aroud?

          • 2. Re: j_security_check redirecting to error.jsp
            Craig Day Newbie

            in my experience you cannot reference the login page directly, thats probably your problem. the login page can only be a side effect of accessing secured resources without being authenticated.

            • 3. Re: j_security_check redirecting to error.jsp
              Dmitry Newbie

              here is the sopution offered by Christian Kubczak:

              Hi!
              A good solution would be the use of a welcome page such as index.jsp or
              index.html. This page should have protected access to _all_ users so that
              there is a guarantee that the login is called for each user. Then you don't
              have to call the login page directly what causes your error. Instead you
              call the index site, automatically calling the login redirecting to it.
              That's how I solved this problem myself in a project, btw...

              Greets
              ck