You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Malcolm Warren <ma...@villeinitalia.com> on 2004/04/04 23:20:40 UTC

FORM authentication - prevent login from popping up

I'm switching from Basic (with SSL) to Form authentication (also with SSL 
of course).

This has caused a problem with one particular application, which opens a 
socket on a .jsp page, collects the html code and saves it disk. The html 
code is then later used by a fax application to send a fax.

With Form authentication I am getting a login popping up, which since I 
have already signed in, should be unnecessary if I provide the right stuff 
to Tomcat.

For Basic authorization, all the application had to do was send an 
"Authorization" header and in I went without a login.
But with Form authentication I am unable to prevent the new login.
I assumed that setting the JSESSIONID and JSESSIONIDSSO cookies would be 
sufficient, and here is my code.

	    OutputStream out = sock.getOutputStream();
	    String firstLine = "GET " + fileName + " HTTP/1.1\r\n";
	    String secondLine = "Host: " + hostName + "\r\n";
	    send(out, firstLine);
	    send(out, secondLine);
	    send(out, "Set-Cookie: JSESSIONID=" + jsessionId + ";JSESSIONIDSSO=" 
+ jsessionidSSO + "; Path=/" + "\r\n");
	    send(out, "\r\n");

But unfortunately Tomcat isn't impressed and I get a login page. Can 
anybody tell me where I'm going wrong?

Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: omcat 5 on WinNT

Posted by Anu Mathew <an...@india.advinfo.net>.

----- Original Message -----
From: "Anand Ravi" <an...@emacmillan.com>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Monday, April 05, 2004 1:17 PM
Subject: omcat 5 on WinNT


> Hi List,
>
> I am trying to install Tomcat 5.0.19 on Win NT4 (SP4) with no success. Any
> pointers will be highly appreciated.
>
> Thanks and Regards,
> Anand Ravi
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

omcat 5 on WinNT

Posted by Anand Ravi <an...@emacmillan.com>.

Hi List,

I am trying to install Tomcat 5.0.19 on Win NT4 (SP4) with no success. Any
pointers will be highly appreciated.

Thanks and Regards,
Anand Ravi




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: FORM authentication - prevent login from popping up

Posted by Adam Hardy <ah...@cyberspaceroad.com>.

To do a login programmatically via form-based authentication, you would 
need to watch for the login form being returned that has a submit action 
to j_security_check. You must submit that with the correct headers and 
form element parameters - j_username and j_password.

Adam

On 04/04/2004 11:20 PM Malcolm Warren wrote:
> 
> I'm switching from Basic (with SSL) to Form authentication (also with 
> SSL of course).
> 
> This has caused a problem with one particular application, which opens a 
> socket on a .jsp page, collects the html code and saves it disk. The 
> html code is then later used by a fax application to send a fax.
> 
> With Form authentication I am getting a login popping up, which since I 
> have already signed in, should be unnecessary if I provide the right 
> stuff to Tomcat.
> 
> For Basic authorization, all the application had to do was send an 
> "Authorization" header and in I went without a login.
> But with Form authentication I am unable to prevent the new login.
> I assumed that setting the JSESSIONID and JSESSIONIDSSO cookies would be 
> sufficient, and here is my code.
> 
>         OutputStream out = sock.getOutputStream();
>         String firstLine = "GET " + fileName + " HTTP/1.1\r\n";
>         String secondLine = "Host: " + hostName + "\r\n";
>         send(out, firstLine);
>         send(out, secondLine);
>         send(out, "Set-Cookie: JSESSIONID=" + jsessionId + 
> ";JSESSIONIDSSO=" + jsessionidSSO + "; Path=/" + "\r\n");
>         send(out, "\r\n");
> 
> But unfortunately Tomcat isn't impressed and I get a login page. Can 
> anybody tell me where I'm going wrong?
> 
> Thanks.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


-- 
struts 1.2 + tomcat 5.0.19 + java 1.4.2
Linux 2.4.20 Debian


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org