problem with form based authentication (tomcat 3.2.3)

[raj <ra...@clarologic.com>]

Wrote a small test servlet which works fine
using JDBC realm and BASIC authentication.

But when I replace BASIC with FORM
(with LoginForm.html & LoginError.html files
inside the servlet) I get:

http://localhost/testservlet/j_security_check

(my servlet call is:
http://localhost/testservlet/servlet/testserv)


The web.xml looks as follows:
----------------------------------------------------------
<servlet>
  <servlet-name>testserv</servlet-name>
  <servlet-class>testservlet.TestServlet</servlet-class>
</servlet>
   
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Test Servlet</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>web_user</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <!--
  <auth-method>BASIC</auth-method>
  <realm-name>ClaroLogic</realm-name>
  -->
  <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/LoginForm.html</form-login-page>
      <form-error-page>/LoginError.html</form-error-page>
    </form-login-config>
</login-config>
----------------------------------------------------------

I recollect some mention of problems when the
LoginForm.html and LoginError.html are placed inside
the servlet itself. Is this true?

If yes, where do I put it and how would the corresponding
entry in the above web.xml file look.


PS: I have tried to used Tomcat 4.0.1 but could not, because
the code used the Driver class to get the connection rather than
DriverManager. With Coludscape, this tends to result in a null
connection.

I've had little luck with Cloudscape sice Informix themselves seems
to treat it as a step-child nowadays.

Cheers
-raj