Tuesday, March 1, 2011

How to forward to j_security_check?

I'm using form based authentication (JBOSS/JAAS) but my form is sending the data to my Servlet so I can perform some checks before trying to login.

Now I need to forward to j_security_check but what I tried didn't work (404 error)...

How can I redirect/forward to the j_security_check (please note the application is running over https / sssl) ?

I can make it work with a redirect and the params go in the URL, but that is not safe (as the user/pass stays in the browser history, etc)...

Any ideas?

From stackoverflow

  • Tomcat only accepts requests to j_security_check if it initiated a login process before for that session. So first you need to try to access a security-constraint resource. Then Tomcat will redirect you to the login form. Only then are you allowed to access j_security_check.

    AlfaTeK : that is not my issue. It is redirecting to my login form. The form action goes to my servlet and now I want to redirect/forward to the j_security_check. redirecting works but it is a GET request which is not safe
Posted by Ku XI at 7:21 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)