You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Alan P Sexton <A....@cs.bham.ac.uk> on 2002/10/29 00:16:51 UTC

Using tiles and container managed security/form based login

[I have moved this branch of this thread to struts-users as it no longer
belongs on struts-dev; was: RE: [SURVEY] HREF attribute for FormTag] 

Thanks,

I should be able to use that advice to fix my problem. However I
still don't understand why my approach doesn't work:

I have CMS set up on /*. I put all my jsps under WEB-INF as per various
FAQ advice. Tomcat needs an accessible logon.jsp so that stays outside
(/logon.jsp). However, that just contains a logic:forward to a global
forward to /WEB-INF/jsp/logon.jsp which contains the appropriate
j_security_check form (in plain html). This works fine (although
thinking about it, it is not good as it is a jsp forwarding to a jsp -
even if it is the only one in my setup).

I then tried replacing the /logon.jsp forward to /WEB-INF/jsp/logon.jsp
to a forward to my new logon tile "tile.cmsLogon". This does not
work. However I am sure that the setup of this tile is correct (famous
last words). I suspect it is something to do with how tile definitions
are spliced into the forwards' namespace but have not had time to figure
out enough of the Struts sources to be sure.

I hadn't thought of forwarding to a proper action instead which could
forward to a tile.

Many thanks

Alan

Hal Deadman writes:
 > 
 > I have a container managed security login page fragment that is a Tile and
 > don't recall having any problem. Is the problem that you are trying to
 > specify a tile as the <form-login-page>? My form is using HTML for the form
 > tag and the username and password fields. When I specify the login page, I
 > specify struts actions as follows to give me a little more control over what
 > I display on the login jsp. The login.do action is then mapped to a Tile
 > component that eventually contains a login.jsp. You can use the url
 > parameters to determine in your action if you need to display a message to
 > the user about their login attempt not working.
 > 
 >     <login-config>
 >         <auth-method>FORM</auth-method>
 >         <realm-name>RpowerRealm</realm-name>
 >         <form-login-config>
 >             <form-login-page>/login.do?type=attempt</form-login-page>
 >             <form-error-page>/login.do?type=failed</form-error-page>
 >         </form-login-config>
 >     </login-config>
 > 
 > 
 > > > Cheers,
 > > >
 > > > Alan
 > >
 > > Craig
 > >

Alan


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>