Here's how I solved your issue: http://tinyurl.com/5s4e
HTH, Matt > -----Original Message----- > From: Sloan Seaman [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 13, 2003 8:32 AM > To: Tomcat Users List > Subject: Re: Form based security > > > Ok, I figured most of the things out. > > My next question (along the same lines) is this: > > I have a link to the login.jsp which is now in a > security-constraint area. > When they use the login.jsp successfully it complains about: > Invalid direct reference to form login page > > How do I use the login page and define a page for a successful login? > > Thanks! > > -- > Sloan > > ----- Original Message ----- > From: "Sloan Seaman" <[EMAIL PROTECTED]> > To: "Tomcat Users List" <[EMAIL PROTECTED]> > Sent: Thursday, February 13, 2003 10:01 AM > Subject: Re: Form based security > > > > I have a filter set up so that if they don't go to the index.jsp or > > login.jsp it will redirect them to the login.jsp. > > (is that the best way?) > > > > So basically they either go to the index.jsp or login.jsp > page. How do I > > list a page as secure? > > > > Do I have to wirte code for the j_security_check or is this > something > within > > tomcat? > > > > ----- Original Message ----- > > From: "Barney Hamish" <[EMAIL PROTECTED]> > > To: "'Tomcat Users List'" <[EMAIL PROTECTED]> > > Sent: Thursday, February 13, 2003 9:50 AM > > Subject: RE: Form based security > > > > > > > Are you going directly to the login page? If so then you > need to go to a > > > page in that's listed as being secure. You will then be > forwarded to the > > > login page. When you've logged in successfully then you will be > forwarded > > to > > > the page you originally requested. > > > Hamish > > > > > > > -----Original Message----- > > > > From: Sloan Seaman [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, February 13, 2003 3:48 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Form based security > > > > > > > > > > > > I'm attempting to do form based security and I keep getting a > > > > 404 error when > > > > I click the submit button. > > > > > > > > I'm guessing I'm missing some type of configuration in the > > > > server.xml..... > > > > > > > > The form I am using is: > > > > <form method="POST" action="j_security_check"> > > > > <input type="text" name="j_username"/> > > > > <input type="password" name="j_password"/> > > > > <input type="submit" value="Submit"> > > > > </form> > > > > > > > > > > > > And I have the following in my web.xml > > > > <login-config> > > > > <auth-method>FORM</auth-method> > > > > <form-login-config> > > > > <form-login-page>/login.jsp</form-login-page> > > > > <form-error-page>/login-error.jsp</form-error-page> > > > > </form-login-config> > > > > </login-config> > > > > > > > > Can anyone help me out here? > > > > > > > > -- > > > > Sloan > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]