You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Fabio Bazzani <si...@grisnet.it> on 2003/09/05 19:57:27 UTC
tomcat 4.1.27: Realm authentication 400 error code
How is it possible I get this message:
HTTP Status 400 - Invalid direct reference to form login page
during JDBC Realm FORM authentication.
These are the stpes I followed :
1. create tables in mysql db :
create table IsInRole(
username varchar(20) not null,
userrole varchar(10) not null,
primary key(username,userrole)
);
create table usertable(
username varchar(20) not null,
userpwd varchar(10) ,
....
...
primary key (username)
);
2. in server.xml
<Realm className="org.apache.catalina.realm.JDBCRealm"
debug="99"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/mydb"
connectionName="username"
connectionPassword="password"
userTable="usertable"
userNameCol="username"
userCredCol="userpwd"
userRoleTable="IsInRole"
roleNameCol="userrole" />
3. always in server.xml, commented out :
<!--
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
debug="0" resourceName="UserDatabase"/>
-->
4. created webapps/logIn/login.jsp with:
<form name="form1" method="post" action="j_security_check">
<input name="j_username" type="text" id="login" maxlength="16" size="20" >
<input name="j_password" type="password" id="password" maxlength="10" size="20">
<input type="submit" value="log in" name="action">
<input type="reset" value="pulisci" name="action"></p>
</form>
5. in web.xml :
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/protected/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>myrole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>authentication test</realm-name>
<form-login-config>
<form-login-page>/logIn/logIn.jsp</form-login-page>
<form-error-page>/logIn/logIn-error.jsp</form-error-page>
</form-login-config>
</login-config>
when I try to go to "/protected/index.jsp" I have to pass the login.jsp and when I authenticate I get 400 error code ? what's wrong ?
thank you
FB