[jboss-user] [Security & JAAS/JBoss] - from login.jsp -->HTTP Status 400 - Invalid direct reference

shankaran do-not-reply at jboss.com
Wed Oct 18 05:46:59 EDT 2006


Hi all,

I want to know how to forward to next page after the j_security_check , in case if i invoke login page directly.

My problem is:
My web app work fine for following steps:
1)hitting the url in IE : http://localhost:8080/Myapp
2) login.jsp page shown then i entered valid username,pwd then click submit button, "jsecuritycheck" execute then redirect to correct page and every think work fine.

but in special case :ie)
1) I type the url in IE: http://localhost:8080/Myapp/login.jsp -- i shown login.jsp i entered valid username,pwd then i click submit button i got following error :

HTTP Status 400 - Invalid direct reference to form login page
The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).

So i wnat to know how to redirect the page after execution of "j security check". is possible?

my app is j2ee+jboss+jaas under form auth.

My web.xml is : 

<web-app >
  
  <welcome-file-list>
   <welcome-file>welcome.jsp</welcome-file>
 </welcome-file-list>

   <security-constraint>
    <display-name>global access</display-name>
    <web-resource-collection>
      <web-resource-name>everyone</web-resource-name>
      <url-pattern>/welcome.jsp</url-pattern>
      <url-pattern>/login.jsp</url-pattern>
      <url-pattern>/loginErr.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>sample1</role-name>
      <role-name>myGroup</role-name>
      <role-name>myAdminGroup</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <security-constraint>
    <display-name>movies list</display-name>
    <web-resource-collection>
      <web-resource-name>MoviesMaint</web-resource-name>
      <url-pattern>/movies/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>sample2</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <security-constraint>
  
   <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>MoviesRealm</realm-name>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/loginErr.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <security-role>
    <role-name>sample1</role-name>
  </security-role>
  <security-role>
    <role-name>sample2</role-name>
  </security-role>
  
</web-app>

-------------------------------------------------------------------------------

from login.jsp url i didn't get login this is my problem, please any one give suggesstion to solve this.
Thanks In Advance,
Shankaran. 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3979012#3979012

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3979012



More information about the jboss-user mailing list