Maybe you should post the secuiry related parts of your web.xml - its difficult to help with config issues without seeing the config.
Niall On 3/20/06, Haim Raman <[EMAIL PROTECTED]> wrote: > I am having an Issue here that I need your help on. > > We are using here Struts based web application. > > The configuration used here is jboss 4.01-sp1 running inside an apache > web server on a linux based machine with Struts version 1.2.4. > > > I am using form based authentication with a realm that works fine. > The security constrains are specific for certain urls. > > The thing is that I need to bypass the login form for some actions and > allow login based on user name and password in the url parameters. > > In-order to do this I am mapping an existing action (currently mapped to > /bar/action.do) to a second url e.g. /foo/action.do. The /foo/* url is > not restrict by the security constrains so the login form should not be > displayed. > > The problem is that the first time I am clicking on the link for the > action that should bypass the login form (e.g. > /foo/action.do?user=root&password=secret) I am redirect to the login > form. The second time I am clicking the link I am redirected to my > action without a problem (and without applying the user name and > password to the form). > > > When trying to access a jsp page outside the security area I do not have > this problem. > > > It looks like a configuration issues to me? > Does anyone have any idea what is the problem? > > > Thank > Haim > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
