0 Replies Latest reply on Oct 5, 2006 5:36 AM by Galo

    FORM auth. doesn't forward properly after login

    Galo Newbie

      I'm trying to get a simple authentication on my webapp but i'm getting a weird problem.

      Everything works fine, I get into any page the server forwards to the login page, password is validated correctly against records in my db. At this point by other examples i've seen, the server would forward me automatically to the page i requested (say index.jsp). Instead of that, i get an image that's used at the top of index.jsp. Some other times I get the css file! It looks like it opens the index.jsp picks something at random from the headings and throws it to the response. If i then type the url to index.jsp, it lets me in and the session is authenticated, the problem is just on the forward after performing the login..

      Has anybody any clues of why this happens? I'm doing a couple of <jsp:include page='headers.jsp' /> at the top, but i'm pretty sure everything's correct there and no exceptions ocurr inside so i don't have a clue of what's the problem..

      These are the relevant sections of my web.xml in case it helps

       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Protected Pages</web-resource-name>
       <url-pattern>/*</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>User</role-name>
       </auth-constraint>
      
       <user-data-constraint>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
       <security-role>
       <description>Authorized to access everything</description>
       <role-name>Admin</role-name>
       </security-role>
      
       <security-role>
       <description>Authorized to limited access</description>
       <role-name>User</role-name>
       </security-role>
      
      
       <login-config>
       <auth-method>FORM</auth-method>
       <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/errorPages/loginError.jsp</form-error-page>
       </form-login-config>
       </login-config>
      


      Many thanks