Thank you for your reply. I am using container managed authentication. My problem is "how to go from j_security_check back to my Struts framework."
I have my Tomcat JDBCRealm configured and users, user_roles tables prepared in the database. In my struts-config.xml file, I did this forward when users click on the LOGON button: <forward name="logon" path="/signin/logon.jsp"/> and in my web.xml file, I have: <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/signin/logon.jsp</form-login-page> <form-error-page>/signin/logon.jsp?error=true</form-error-page> </form-login-config> </login-config> The Tomcat server found the signinForm.jsp through the /signin/logon.jsp without problem. and my signinForm.jsp is correctly prepared: <%@ taglib uri="/tags/struts-html" prefix="html" %> <HTML> <HEAD> <TITLE>Container Managed Authentication</TITLE> </HEAD> <BODY> <html:errors/> <html:form action="j_security_check" method="post" focus="j_username"> <TABLE border="0" width="100%"> <TR> <TH align="right">User Name:</TH> <TD align="left"><html:text property="j_username" size="25"/></TD> </TR> <TR> <TH align="right">Password:</TH> <TD align="left"><html:password property="j_password" size="10"/></TD> </TR> <TR> <TD align="right"><html:submit/></TD> <TD align="left"><html:reset/></TD> </TR> </TABLE> </html:form> </BODY> </HTML> --Caroline --- Sasha Borodin <[EMAIL PROTECTED]> wrote: > I think you may be doing two things wrong: > > 1. j_security_check is a special URL. If you have > a security realm defined > in your web application, and authentication method > specified as FORM, then > the container will automatically forward any > requests for protected > resources to a configurable login form. This login > form collects the > username and password, and posts to this special > URL; the post to > j_security_check gets intercepted by your servlet > container, which performs > Container Managed Authentication - it looks for the > j_username and > j_password, authenticates the combination, and > forwards to the originally > requested resource, or to a configurable error page > if the authentication > fails. > > All this to say that you can not map an action to > j_security_check. > Furthermore, you can't even aggressively > authenticate using CMA (Container > Managed Authentication) - if you go directly to your > login page (without > being forwarded there by you container), and try to > submit the form, you'll > get an error. > > 2. If you were trying to map a legitimate URL, then > you'd have your > <action> properties wrong. > > <action> > path="/someLegitimatePath" > > type="your.action.class" > > name="name of a previously defined ActionForm if > needed for this action" > </action> > > HTH, > > -Sasha > > > On 10/10/03 20:21, "Caroline Jen" > <[EMAIL PROTECTED]> wrote: > > > Because there is such a statement (shown below) in > my > > signinForm.jsp: > > > > <html:form action="j_security_check" method="post" > > focus="j_username"> > > > > I put > > > > <action > > name="j_security_check" > > path="/do/admin/Menu"/> > > > > in my struts-config.xml file. > > > > When I ran the application, I got: > > > > [ServletException > in:/article/content/signinForm.jsp] > > Cannot retrieve mapping for action > /j_security_check' > > > > I know that I did not specify the action properly. > > What is the correct way to do it? > > > > __________________________________ > > Do you Yahoo!? > > The New Yahoo! Shopping - with improved product > search > > http://shopping.yahoo.com > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]