2 Replies Latest reply on May 13, 2003 9:54 AM by pshrimpton

    redirect problem with form based security using Jetty/Jboss

    wesyah234
    wesyah234 May 12, 2003 3:00 PM

      I posted an earlier question about this but received no responses. I have now cleaned up an example application that uses the default UsersRolesLoginModule, so no jboss configuration should be necessary to run my example.

      I've created this example with the hope that some of you will try it on 3.2.1 (jetty) and 3.2.1-Tomcat and see if you can verify what I'm seeing. What happens is: when you type in an invalid username/password, followed by the correct username/password, it will redirect the user back to the root of the server: (ie. http://localhost:8080/) But this only happens with the Jetty distribution, the Tomcat version correctly forwards the user to the originally requested page.

      The valid usernames and passwords are given on the main page.

      The war file is available at:
      http://www.geocities.com/wesyah234/securityDemoWar.zip

      and the source zip is at:
      http://www.geocities.com/wesyah234/securityDemo.zip

      Thanks,
      Wes

      • 3504 Views
      • Tags:
        • 1. Re: redirect problem with form based security using Jetty/Jb
          wesyah234
          wesyah234 May 13, 2003 8:37 AM (in response to wesyah234)

          I just received a reply this morning from my post to the jetty-discuss mail list late last week.

          Brett Sealey wrote:
          Thanks for the precise description of the problem. Looking in the
          FormAuthenticator the problem is obvious and I have checked in a fix.

          Regards,
          Brett
          ------------------------
          I downloaded the nightly build of jetty, copied the jar files into my jboss distribution and verified that it now works.

            • Actions
          • 2. Re: redirect problem with form based security using Jetty/Jb
            pshrimpton
            pshrimpton May 13, 2003 9:54 AM (in response to wesyah234)

            Hi,

            > What happens
            > is: when you type in an invalid username/password,
            > followed by the correct username/password, it will
            > redirect the user back to the root of the server:
            > (ie. http://localhost:8080/) But this only happens
            > with the Jetty distribution, the Tomcat version
            > correctly forwards the user to the originally
            > requested page.

            I had this exact problem last week with 3.0.7/Jetty, but not with 3.0.7/Tomcat. I also posted the problem to the jboss-user mailing list, but should have posted to a jetty list I guess.

              • Actions