Max Cooper schrieb: > I am not sure if this made it through before as it came up as a > "recovered file" when I restarted my mail client. Sorry if this is a > duplicate...
It was no duplicate - thanks for mailing again and for your hint. After putting all security stuff in securityfilter-config.xml the error message is gone and authentication works. The only thing I have to ask you again is a redirection which won't work as expected: As I already told the login form is on every page. When I use the login form from the sub-app url http://localhost:8080/mainapp/subapp/docpool/showdocs.do I'll get the error: 17.09.2002 16:55:03 org.apache.commons.logging.impl.Jdk14Logger error FATAL: Invalid path /mainapp/subapp/docpool/showdocs was requested I assume this has something to do with the sub-app because the correct redirection has to go to /showdocs which struts will translate to the above url. Is there a solution to this problem? (I'm using Tomcat 4.0.4 on Win2K, struts 1.1b1, security-filter 1.0b3) gus > > Gus, > > That message seems to be coming from the web container (app server), > which most likely means that you have configured your web app to use > container based security. SecurityFilter is intened to be a replacement > for container based security, so you need to turn container security off > to use it. Cut and paste the security-related items from you web.xml > into securityfilter-config.xml. There should be no security-related > configuration items left in web.xml. > > The other possibility is that the server does not allow any requests to > j_security_check with container security on or off. If this seems to the > case, what server are you using? > > -Max > > On Sun, 2002-09-15 at 23:41, gus wrote: > >>Hi! >> >>I'm trying to use SecurityFilter in a Struts application with modules >>(sub-apps) while the login form is on every page of the whole application. >> >>While in the main app authentication is fine. But when I try to submit >>the j_security_check form in one of the modules I receive the >>following error: >>Configuration error: Cannot perform access control without an >>authenticated principal >> >>Do you have any hints on that behaviour? >> >> gus >> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
