Hi Ankur, In article <[EMAIL PROTECTED]>, Thu, 19 Feb 2004 11:40:27 +1100, [EMAIL PROTECTED] wrote: ankur.kumar> ServletRedirectorSecure was not secured, but now it is. [...] ankur.kumar> org.apache.cactus.util.ChainedRuntimeException: Unable to login, probably ankur.kumar> due to bad username/password. Received a [200] ankur.kumar> response code and was expecting a [302]
This is the problem. As I reported in the last post, the response of the Step (4) is expected to be "HTTP/1.1 302 Moved Temporarily". This means that the Cactus (FormAuthentication) is expecting that the security_check (j_security_check in the default) results a redirection to the protected resource if the authentication is succeeded. If you are using custom authentication mechanism, which is specified by FormAuthentication#setSecurityCheckURL(java.net.URL), it should implement this behaviour. Regards, ---- Kazuhito SUGURI mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
