hi all, developing on w98 with tomcat 3.2.24, mysql 3.23.26, struts 1.0.2, jsk 1.3.1. will be deploying with same setup but on xp. i was taking a custom authorization approach originally, using a Struts LoginAction for the protected areas of my web app. but i thought a JDBCRealm would be a neat thing to implement. so, i got my JDBCRealm configured, no problem. what happens now, is when a user tries to load a protected resource, they are taken to the login page. they login, and they're rerouted to the resource they originally tried to access. sweet!
however, if someone, say, bookmarks the login page itself, or loads http://www.mydomain.com/login.jsp as the very first page they visited on the site, then logs in successfully? then all bets are off right?. in that case, i get a '404 page /protected_dir/null not found' message. of course, if they give it a duff username/pass they get sent to my <form-error-page>, as expected. forgive me if there is an obvious solution to this that i'm missing, but it's 5 a.m., and i've been working on this for the last 12 hours; and therfore not as sharp as i should be at the moment. what should i do to work around this? is there some way to point the login page to a Struts Action servlet? and still use a JDBCRealm? i figured the *only* action i was allowed to use with JDBCRealms was 'j_security_check', with the requisite 'j_username' and 'j_password' form fields. no struts actions allowed. is that right? or is there some way - using a JDBCRealm - to set a default page that login would go to on a successful login, in the cases where a user hasn't previously tried accessing a protected area, but instead simply tried loading the login.jsp page itself, as the very first page the user visits when they enter the site? any help anyone can give would be greatly appreciated. thanks in advance. will --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
