what happen if you load tour error page using the address bar? can you
see it? Isn't a path matter?
regards,
Omar
On Wed, 19 Jan 2005 00:06:20 -0500, Venkat Radha Venkataramanan
[EMAIL PROTECTED] wrote:
Hello:
I just wrote my first form-based security control. It works fine if I sign
PROTECTED]
Sent: Wednesday, January 19, 2005 3:31 AM
To: Tomcat Users List
Subject: Re: Form-based security
what happen if you load tour error page using the address bar? can you
see it? Isn't a path matter?
regards,
Omar
On Wed, 19 Jan 2005 00:06:20 -0500, Venkat Radha Venkataramanan
[EMAIL
Here's how I've done it -
First of all, I don't use j_security_check as my action, but rather
auth/ which maps to a LoginServlet. That servlet does some other things,
but here's the relevant code. The StringUtil.encodeString(password) method
changes to cookie to be base64 encrypted. Not a very
Howdy,
I'm not doing this, and I'm one of those people who cleans their cache
every time their browser is closed (12Ghosts auto wash is among the
greatest tools I've ever seen for any computing purpose, ever), so
Remember Me functionality doesn't typically work for me, but...
Is anyone doing
Subject: RE: Form based security and Remember Me
Howdy,
I'm not doing this, and I'm one of those people who cleans
their cache every time their browser is closed (12Ghosts auto
wash is among the greatest tools I've ever seen for any
computing purpose, ever), so Remember Me
From: John Trollinger [EMAIL PROTECTED]
Sent: Thursday, February 20, 2003 12:31 PM
Subject: RE: Form based security and Remember Me
But does this work with Form based authenticaiton and realms... How do
you let the realm know that the user remembered so the login can be
bypassed
will always
return a value (null is definitely an error).
Hope this is relevant to the thread
Bill
-Original Message-
From: John Trollinger [mailto:[EMAIL PROTECTED]]
Sent: Friday, 21 February 2003 7:32 AM
To: 'Tomcat Users List'
Subject: RE: Form based security and Remember Me
But does
, 2003 08:48
Subject: RE: Form based security
Here's how I solved your issue:
http://tinyurl.com/5s4e
HTH,
Matt
-Original Message-
From: Sloan Seaman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 8:32 AM
To: Tomcat Users List
Subject: Re: Form based security
On Fri, Feb 14, 2003 at 03:42:21PM -0700, Sean Dockery wrote:
Redirecting all 400 errors to your index page is a questionable practice
because not all 400 (SC_BAD_REQUEST) errors are Invalid direct reference
... errors. I wish that there was a legitimate configuration change to
enable you to
there. If
you're using form-based authentication - Struts will play nicely with it.
HTH,
Matt
-Original Message-
From: Sloan Seaman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 8:52 AM
To: Tomcat Users List
Subject: Re: Form based security
Ok, I've got
Are you going directly to the login page? If so then you need to go to a
page in that's listed as being secure. You will then be forwarded to the
login page. When you've logged in successfully then you will be forwarded to
the page you originally requested.
Hamish
-Original Message-
or is this something within
tomcat?
- Original Message -
From: Barney Hamish [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Thursday, February 13, 2003 9:50 AM
Subject: RE: Form based security
Are you going directly to the login page? If so then you need to go to a
page
and define a page for a successful login?
Thanks!
--
Sloan
- Original Message -
From: Sloan Seaman [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Thursday, February 13, 2003 10:01 AM
Subject: Re: Form based security
I have a filter set up so that if they don't go
:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 4:32 PM
To: Tomcat Users List
Subject: Re: Form based security
Ok, I figured most of the things out.
My next question (along the same lines) is this:
I have a link to the login.jsp which is now in a
security-constraint area.
When
guess...
--
Sloan
- Original Message -
From: Barney Hamish [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Thursday, February 13, 2003 10:33 AM
Subject: RE: Form based security
I think you've got the wrong idea about how the form-based security works.
It is counter
Here's how I solved your issue:
http://tinyurl.com/5s4e
HTH,
Matt
-Original Message-
From: Sloan Seaman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 8:32 AM
To: Tomcat Users List
Subject: Re: Form based security
Ok, I figured most of the things out.
My
: Re: Form based security
Ok, I've got it now...
Thanks for the information.
Now my manager is saying he wasnted it all done in Struts and
that Struts
has a security model that I should be using. Is he wrong? I
though struts
was just tag libs and an MVC for hitting business logic
using form-based authentication - Struts will play nicely with it.
HTH,
Matt
-Original Message-
From: Sloan Seaman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 8:52 AM
To: Tomcat Users List
Subject: Re: Form based security
Ok, I've got it now...
Thanks
List
Subject: Re: Form based security
Ok, I've got it now...
Thanks for the information.
Now my manager is saying he wasnted it all done in Struts and
that Struts
has a security model that I should be using. Is he wrong? I
though struts
was just tag libs and an MVC
the use
in the role?
If so, How?
Thanks again!
--
Sloan
- Original Message -
From: Barney Hamish [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Thursday, February 13, 2003 10:54 AM
Subject: RE: Form based security
No struts doesn't have a security model of its own
20 matches
Mail list logo
