users@glassfish.java.net

Re: Basic Login **Problem** need help

From: <glassfish_at_javadesktop.org>
Date: Thu, 12 Jun 2008 19:00:37 PDT

actually i started thinking that too. but I tried that and it didn't work. i changed it to use a form now. basically what is happening now is i open up the page. it goes to the form, i type in the correct user/pass and it says access denied and doesn't let me back into the login page.

here is what i have

Realm Name: file

#################### web.xml #################
  
    <security-constraint>
        <display-name>admin</display-name>
        <web-resource-collection>
            <web-resource-name>admin</web-resource-name>
            <description/>
            <url-pattern>/admin/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>HEAD</http-method>
            <http-method>PUT</http-method>
            <http-method>OPTIONS</http-method>
            <http-method>TRACE</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>adminPriv</role-name>
        </auth-constraint>
        <user-data-constraint>
                <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>file</realm-name>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/logonError.jsp</form-error-page>
            </form-login-config>
        </login-config>
    <security-role>
        <description/>
        <role-name>adminPriv</role-name>
    </security-role>
    </web-app>

############## sun-web.xml ###################

  <security-role-mapping>
    <role-name>adminPriv</role-name>
    <group-name>secureadmin</group-name>
  </security-role-mapping>

############# login.jsp ####################


<%_at_page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
    <title>Login Page</title>
</head>

<h2>Hello, please log in:</h2>
<br><br>
<form action="j_security_check" method=post>
    <p><strong>Please Enter Your User Name: </strong>
    <input type="text" name="j_username" size="25">
    <p><p><strong>Please Enter Your Password: </strong>
    <input type="password" size="15" name="j_password">
    <p><p>
    <input type="submit" value="Submit">
    <input type="reset" value="Reset">
</form>
</html>

################ logonError.jsp #################

<%_at_page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
    <title>Login Error</title>
</head>
<body>
    <c:url var="url" value="/index.jsp"/>
    <h2>Invalid user name or password.</h2>

    <p>Please enter a user name or password that is authorized to access this
    application. For this application, this means a user that has been created in the
    <code>file</code> realm and has been assigned to the <em>group</em> of
    <code>user</code>. Click here to <a href="${url}">Try Again</a></p>
</body>
</html>
[Message sent by forum member 'icemandrew' (icemandrew)]

http://forums.java.net/jive/thread.jspa?messageID=280096
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.