Hello all I have been trying to set up FORM based authentication, but it only works half-way. When I try to get to the protected resource, it sends me to the login page: good. If I authenticate incorrectly, then it sends me to the login error page: good. If I authenticate _correctly_, it also sends me to the login error page: bad.
I have been reading at jakarta.apache.org, and in JSP & Servlets cookbook, and I don't know what I am doing wrong. Please find the config files below. My form uses the j_user_name, j_password and so forth. I have reloaded the app and restarted tomcat. Thank you for any help/pointers... fb. ----------tomcat-users.xml (truncated...) <user username="joedoe" password="1joe2" roles="clients"/> ----------end tomcat-users.xml ----------web.xml <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <!-- Beginning of web.xml deployment descriptor --> <security-constraint> <web-resource-collection> <web-resource-name>Client login</web-resource-name> <url-pattern>/clients/index.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>clients</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginError.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>clients</role-name> </security-role> </web-app> ------------------end web.xml --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]