Users should *never* try to request the login page correctly. Likewise, the user interface of your app should never reference it. Just set up your links to point at the real pages. The servlet container will "pop up" the form login page whenever the user accesses a protected page, and then honor the original request for you -- just like the user experience when you are using BASIC authentication. Craig On Fri, 24 Aug 2001, Roland wrote: > Date: Fri, 24 Aug 2001 17:36:14 -0300 > From: Roland <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: Re: Question working with security realms/Bug discovered? > > > > http://localhost:8080/examples/jsp/security/protected/index.jsp > > I was playing around with that example a little: > I encountered the following behaviour: > > as long as I type in incorrect logins and passwords everything is fine(he > keeps sending me back to the login page), but when I type in correct stuff, > like tomcat/tomcat ( a valid login) suddenly I encounter the following error > message: > > http://localhost:8080/examples/jsp/security/login/j_security_check > PAGE NOT FOUND > > But then when I go directly to: > > http://localhost:8080/examples/jsp/security/protected/index.jsp > You are logged in as remote user tomcat > > Your user principal name is tomcat > > To check whether your username has been granted a particular role, enter it > here: > > everything is fine, so he recognized the login. > > Is this a bug? > > Roland > > >
