You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by raj <ra...@clarologic.com> on 2001/10/22 12:27:01 UTC
problem with form based authentication (tomcat 3.2.3)
Wrote a small test servlet which works fine
using JDBC realm and BASIC authentication.
But when I replace BASIC with FORM
(with LoginForm.html & LoginError.html files
inside the servlet) I get:
http://localhost/testservlet/j_security_check
(my servlet call is:
http://localhost/testservlet/servlet/testserv)
The web.xml looks as follows:
----------------------------------------------------------
<servlet>
<servlet-name>testserv</servlet-name>
<servlet-class>testservlet.TestServlet</servlet-class>
</servlet>
<security-constraint>
<web-resource-collection>
<web-resource-name>Test Servlet</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>web_user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<!--
<auth-method>BASIC</auth-method>
<realm-name>ClaroLogic</realm-name>
-->
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/LoginForm.html</form-login-page>
<form-error-page>/LoginError.html</form-error-page>
</form-login-config>
</login-config>
----------------------------------------------------------
I recollect some mention of problems when the
LoginForm.html and LoginError.html are placed inside
the servlet itself. Is this true?
If yes, where do I put it and how would the corresponding
entry in the above web.xml file look.
PS: I have tried to used Tomcat 4.0.1 but could not, because
the code used the Driver class to get the connection rather than
DriverManager. With Coludscape, this tends to result in a null
connection.
I've had little luck with Cloudscape sice Informix themselves seems
to treat it as a step-child nowadays.
Cheers
-raj