[jboss-user] [Security & JAAS/JBoss] - JAAS, login configuration + Hi everybody
purbano
do-not-reply at jboss.com
Tue Jul 3 07:40:24 EDT 2007
Hello everybody, I've recently been subscribed to this forum, for I wanted to ask a doubt, and possible more will come later (and I hope one day I could answer one).
I am migrating an application, but I have problems with the login configuration. I use JAAS, an authorization form-based against a custom LoginModule. But login is failing. In myApp/WEB-INF/web.xml, I have:
| <login-config>
| <auth-method>FORM</auth-method>
| <realm-name>A name</realm-name>
| <form-login-config>
| <form-login-page>/login.jsp</form-login-page>
| <form-error-page>/error.jsp</form-error-page>
| </form-login-config>
| </login-config>
|
For the debug messages of the login module, I think authentication is succesful on the server, but I am redirected to login.jsp .
I have read about the form-based login process and I found the following explanation (with a graphic): http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html#wp483367 . According to that, I should be redirected to the requested resource, or to error.jsp , if I am wrong and the login is actually failing.
I have tried it with jboss-4.0.2 and jboss-4.2.0 . As you could observe, I am a beginner that has to learn much concepts (JAAS, ...) in few time.
Anyone could please, please, help?
Pablo J.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4059893#4059893
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4059893
More information about the jboss-user
mailing list