0 Replies Latest reply on Jul 1, 2004 7:32 AM by bugwang

    HTTP Status 400 - Invalid direct reference to form login pag

    bugwang

      Hello! I work for Japanese company in Tokyo as Korean.
      please Help me!

      Can teach me anyone who knows this problem.

      I want to login with Form throuth SSL.
      Login Form of JSP is posted by the Controller Servlet(EmLogin).
      When I try to login, this message is shown.

      "The request sent by the client was syntactically incorrect "

      What's the problem?
      My Login JSP view has a form that use POST method.


      thanks..

      
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Emfg</web-resource-name>
       <description>Emfg Standard</description>
       <url-pattern>/v400/APS*</url-pattern>
       <url-pattern>/v400/Code*</url-pattern>
       <url-pattern>/v400/MA_*</url-pattern>
       <url-pattern>/v400/PU_*</url-pattern>
       <url-pattern>/v400/MP_*</url-pattern>
       <url-pattern>/v400/*</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>emAll</role-name>
       <role-name>emAdmin</role-name>
       </auth-constraint>
       <user-data-constraint>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Login</web-resource-name>
       <description>Emfg Standard</description>
       <url-pattern>*.htm</url-pattern>
       <url-pattern>*.html</url-pattern>
       <url-pattern>*.jsp</url-pattern>
       <url-pattern>/EmLogin</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       </web-resource-collection>
       <!-- HTTPS/SSL -->
       <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
       <login-config>
       <auth-method>FORM</auth-method>
       <realm-name>emfg</realm-name>
       <form-login-config>
       <form-login-page>/EmLogin</form-login-page>
       <form-error-page>/EmLogin?RESULTID=ERROR</form-error-page>
       </form-login-config>
       </login-config>
      
      



      //Controller Servlet
       private void doTask(
       HttpServletRequest request,
       HttpServletResponse response)
       throws ServletException, IOException {
      
       resultId = (String) request.getParameter(RequestInf.REQ_RESULT_ID);
      
       try {
       if (resultId == null) {
       nextPage = getLoginView(request, response);
       } else if (resultId.equalsIgnoreCase(RESULT_LOGOUT)) {
       nextPage = getLogoutView(request, response);
       } else if (resultId.equalsIgnoreCase(RESULT_ERROR)) {
       nextPage = getErrorView(request, response);
       }
      
       ...
      
       } catch (Exception e) {
       EmfgLogger.error(e);
       }
      
       // nextPage <- Login View
       request.getRequestDispatcher(nextPage).forward(request, response);
       }
      
      


      
       ...
      
       <form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
       <INPUT type="hidden" name="RESULT_ID">
       <TABLE>
       <TR>
       <TD colspan=3 align=center><FONT color=red><%=title%></TD>
       </TR>
       <TR>
       <TD width=10> </TD>
       <TD>USER-ID</TD>
       <TD><INPUT type="text" name= "j_username" size=20 maxlength=32 style="font-size:13"></TD>
       </TR>
       <TR>
       <TD width=10> </TD>
       <TD>PASSWORD</TD>
       <TD><INPUT type="password" name= "j_password" size=20 maxlength=64 style="font-size:13"></TD>
       </TR>
       <TR>
       <TD colspan=3 align=center><input type=submit></TD>
       </TR>
       </TABLE>
       </form>
      
       ...