Hi,
Im a newbie and have some problems with JDBCRealm and form-login and I hope someone
can help me.
When I login with a correct username and password but wrong role, it does not redirect
to the specified form-error-page. Instead it returns 403 error code. But when I logon
as a user that is not in the database it redirects correctly to the specified page. Im
using Tomcat 4.0.1 and MySQL database
Whats wrong? (more details below)
Thanks a lot in advance!
/ Victoria
In MySql database I have the two users
username=vic password=vic role=manager
username=pet password=pet role=user
The web.xml-file:
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>JDBC</realm-name>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
...
The login.html:
...
<form method="POST" action="j_security_check">
Login id: <input type="text" name="j_username" size="8" class=formStyle><br>
Password: <input type="password" name="j_password" size="8" class=formStyle><br>
<input type="submit" value=" Log In " = name="LogIn" class=formStyle>
</form>
...
When I login as "vic, vic" (in database an correct role) I'm redirected to index.html
=> OK
When I login as "jim,jim" (not in the database) I'm redirected to error.html => OK
When I login as "pet,sdg" (pet in database but wrong password) I'm redirected to
error.html => OK
But when I login as "pet,pet" (user in database but not correct role) I got error 403
=> NOT Ok, Im expecting to be redirected to error.html
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
