FYI...
I've done a simple test with no struts involved, and the post data still
fails to pass through ok.
It's basicly 3 files
Index.html links to form.html
Form.html posts to process.jsp
Both form.html and process.jsp are protected, though interestingly the
login page only comes up when submitting the form (ie. Already in
form.html) - I don't know if this is my mistake or another bug.
Included files are the test - based on JBoss 3.2.3 with tomcat4.1
embedded.
Martin
Index.html
<html>
<body>
<a href="form.html">form</a>
</body>
</html>
form.html
<html>
<body>
<form action="process.jsp" method="post">
<input type="text" name="text1"/>
<input type="submit" value="OK"/>
</form>
</body>
</html>
login.html
<html>
<body>
<h4>Please login:</h4>
<form method="POST" action="j_security_check">
<input type="text" name="j_username">
<input type="password" name="j_password">
<input type="submit" value="OK">
</form>
</body>
</html>
process.jsp
<html>
<body>
text1=<%=request.getParameter("text1")%>
</body>
</html>
WEB-INF\web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application
2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";>
<web-app >
<session-config>
<session-timeout>2</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Signon</web-resource-name>
<description>Declarative security tests</description>
<url-pattern>/form.html</url-pattern>
<url-pattern>/process.jsp</url-pattern>
<http-method>HEAD</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>customer</role-name>
<role-name>merchant</role-name>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<description>no description</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/login.html</form-error-page>
</form-login-config>
</login-config>
</web-app>
WEB-INF\jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd";>
<jboss-web>
<security-domain>java:/jaas/authtest</security-domain>
<!-- Resource Environment References -->
<!-- Resource references -->
<!-- EJB References -->
</jboss-web>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
