Hi,
I have a servlet filter doing authentication for my webapp.
basically I'm doing the following
public void doFilter(ServletRequest servletRequest,
ServletResponse servletResponse, FilterChain filterChain) throws
IOException, ServletException {
...
if (
servletRequest.getParameter("doLogin") != null &&
servletRequest.getParameter("username") != null &&
servletRequest.getParameter("password") != null
) {
String username = (String)
servletRequest.getParameter("username");
String password = (String)
servletRequest.getParameter("password");
/**
* Clearing the parameter map
*/
try {
((HttpServletRequest)
servletRequest).login(username, password);
....
}
catch(ServletException se)
{
((HttpServletResponse)
servletResponse).sendRedirect(((HttpServletRequest)
servletRequest).getRequestURI() + "?setLoggedIn=false");
}
catch (Exception e) {
e.printStackTrace();
((HttpServletResponse)
servletResponse).sendRedirect(((HttpServletRequest)
servletRequest).getRequestURI() + "?setLoginError=true");
}
}
however, I cannot distinguish if the ServletException is from the
login or from something else, as se.getCause() and se.getRootCause()
always point to itself... so I never get the
javax.security.auth.login.LoginException that is thrown somewhere and
I'm unable to distinguish if an exception got thrown because the
credentials are
wrong or because something other threw a servlet exception.
in the server logs the following message is written:
[#|2010-06-15T14:52:39.276+0200|WARNING|glassfish3.0|javax.enterprise.system.container.web.com.sun.web.security|_ThreadID=25;_ThreadName=http-thread-pool-8080-(2);|Web
login failed: Login failed: javax.security.auth.login.LoginException:
Security Exception|#]
how can I catch that one?
thanks,
dominik
--
Dominik Dorn
http://dominikdorn.com
Tausche Deine Lernunterlagen auf http://www.studyguru.eu !