Thank you for your reply. I am using container
managed authentication.
My problem is "how to go from j_security_check back to
my Struts framework."
I have my Tomcat JDBCRealm configured and users,
user_roles tables prepared in the database.
In my struts-config.xml file, I did this forward when
users click on the LOGON button:
<forward
name="logon"
path="/signin/logon.jsp"/>
and in my web.xml file, I have:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/signin/logon.jsp</form-login-page>
<form-error-page>/signin/logon.jsp?error=true</form-error-page>
</form-login-config>
</login-config>
The Tomcat server found the signinForm.jsp through the
/signin/logon.jsp without problem.
and my signinForm.jsp is correctly prepared:
<%@ taglib uri="/tags/struts-html" prefix="html" %>
<HTML>
<HEAD>
<TITLE>Container Managed Authentication</TITLE>
</HEAD>
<BODY>
<html:errors/>
<html:form action="j_security_check" method="post"
focus="j_username">
<TABLE border="0" width="100%">
<TR>
<TH align="right">User Name:</TH>
<TD align="left"><html:text property="j_username"
size="25"/></TD>
</TR>
<TR>
<TH align="right">Password:</TH>
<TD align="left"><html:password property="j_password"
size="10"/></TD>
</TR>
<TR>
<TD align="right"><html:submit/></TD>
<TD align="left"><html:reset/></TD>
</TR>
</TABLE>
</html:form>
</BODY>
</HTML>
--Caroline
--- Sasha Borodin <[EMAIL PROTECTED]> wrote:
> I think you may be doing two things wrong:
>
> 1. j_security_check is a special URL. If you have
> a security realm defined
> in your web application, and authentication method
> specified as FORM, then
> the container will automatically forward any
> requests for protected
> resources to a configurable login form. This login
> form collects the
> username and password, and posts to this special
> URL; the post to
> j_security_check gets intercepted by your servlet
> container, which performs
> Container Managed Authentication - it looks for the
> j_username and
> j_password, authenticates the combination, and
> forwards to the originally
> requested resource, or to a configurable error page
> if the authentication
> fails.
>
> All this to say that you can not map an action to
> j_security_check.
> Furthermore, you can't even aggressively
> authenticate using CMA (Container
> Managed Authentication) - if you go directly to your
> login page (without
> being forwarded there by you container), and try to
> submit the form, you'll
> get an error.
>
> 2. If you were trying to map a legitimate URL, then
> you'd have your
> <action> properties wrong.
>
> <action>
> path="/someLegitimatePath"
>
> type="your.action.class"
>
> name="name of a previously defined ActionForm if
> needed for this action"
> </action>
>
> HTH,
>
> -Sasha
>
>
> On 10/10/03 20:21, "Caroline Jen"
> <[EMAIL PROTECTED]> wrote:
>
> > Because there is such a statement (shown below) in
> my
> > signinForm.jsp:
> >
> > <html:form action="j_security_check" method="post"
> > focus="j_username">
> >
> > I put
> >
> > <action
> > name="j_security_check"
> > path="/do/admin/Menu"/>
> >
> > in my struts-config.xml file.
> >
> > When I ran the application, I got:
> >
> > [ServletException
> in:/article/content/signinForm.jsp]
> > Cannot retrieve mapping for action
> /j_security_check'
> >
> > I know that I did not specify the action properly.
> > What is the correct way to do it?
> >
> > __________________________________
> > Do you Yahoo!?
> > The New Yahoo! Shopping - with improved product
> search
> > http://shopping.yahoo.com
> >
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > For additional commands, e-mail:
> [EMAIL PROTECTED]
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
>
__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
