users@glassfish.java.net

form login page outside war file?

From: Bobby Bissett <Robert.Bissett_at_Sun.COM>
Date: Tue, 04 Dec 2007 10:52:16 -0500

Hi,

Given a login-config such as this:

   <login-config>
     <auth-method>FORM</auth-method>
     <realm-name>Some_Realm</realm-name>
     <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/login_error.jsp</form-error-page>
     </form-login-config>
   </login-config>

...is it possible to have the form login page be outside of the current
war file? My project is part of a group of web apps that use single sign
on and there is a common login page in another war file. It's easy
enough to point links in my pages to that one and everything works.

But we have some pages that may be accessed from links in external
sites, and they are protected with a security-constraint that uses the
login-conf above. In standalone mode (deploying this web app without the
others), /login.jsp is fine. But now I'd like to point it to the login
page in another war. Is there any way to do this?

(I have tried changing my login.jsp page so that it redirects to the
desired login page, which does properly redirect, but then the container
doesn't bring me back to the protected page again. I've also tried
forwarding from my login.jsp, but this gives me a 404 no matter what I try.)

Thanks,
Bobby