Darren Govoni writes (3/6/2005 5:48 PM):
On Sun, 2005-03-06 at 20:47 -0500, Darren Govoni wrote:
Thanks Chuck. This approach works better, although I would think
regardless of the auth form, the redirect to error
page would be independent.
I would think so to, but it seems that authentication errors are handled
outside of the normal error-page mechanism. FORM authentication
provides a special declaration for this (form-error-page), while BASIC
authentication provides no means to make such a declaration.
Any idea how to do FORM based auth from a Java client?
I'm not using Java on the client side and so am not sure. I'd think you
would need to set the form-login-page to reach your client and then send
back the same kind of request that is generated by a normal login form
(i.e., POST a request to j_security_check passing j_username and
j_password as parameters). Another benefit of this approach is that you
can configure it to use https with the right declaration if you choose to.
Chuck
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
