[jboss-user] [Security & JAAS/JBoss] - form based authentication not working under JBoss 4.0.5 but
wonker
do-not-reply at jboss.com
Fri Feb 9 06:17:50 EST 2007
I am having trouble with jaas and jboss under JBoss 4.0.5 (does work in 3.2.5).
When I try to access a protected resource, I should and do get redirected to the login page (j_security_check enabled) and I do, but logging in gives me a 404:
http://host/admin/action/Home ->
| http://host/admin/Login.jsp ->
| http://host/j_security_check;jsessionid=1 (404)
With JBoss 3.2.5 when I try and access the protected resource I get sent to the login page, but it has a session id appended to it and it works fine (I get sent to the resource):
http://host/admin/action/Home ->
| http://host/admin/Login.jsp;jsessionid=2 ->
| http://host/admin/action/Home;jsessionid=2
The intresting thing is, when I handcraft the login url for 4.0.5 to be like the 3.2.5 one is works:
http://host/admin/action/Home ->
| http://host/admin/Login.jsp ->
| http://host/j_security_check;jsessionid=3 (404)
|
| http://host/admin/Login.jsp;jsessionid=3 (I know sessionId I so can construct url) ->
| http://host/admin/action/Home;jsessionid=3
I have checked the forum posts and can't see anything of note. I have added my config below but it works in a way as when I handcraft the url, it works fine.
Anyone have any idea? Cheers in advance.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4013571#4013571
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4013571
More information about the jboss-user
mailing list