-
1. Re: is j_uri exist in jboss???
sunnyyfl Feb 20, 2005 9:22 AM (in response to kenryu)Facing the same problem here. Trying to forward all success login to a specific welcome page after successful form login. Can this be done in JBoss/tomcat? Thank you.
-
2. Re: is j_uri exist in jboss???
starksm64 Feb 21, 2005 1:16 PM (in response to kenryu)No, j_uri is not a a standard property. The standard attributes included would be those of a forwarded request:
javax.servlet.forward.request_uri=/jmx-console/
javax.servlet.forward.context_path=/jmx-console
javax.servlet.forward.servlet_path=/index.jsp -
3. Re: is j_uri exist in jboss???
ionel Feb 26, 2005 7:11 AM (in response to kenryu)Hi Scott,
I tried this trick :<form action='j_security_check' method='POST'> <%request.setAttribute("javax.servlet.forward.request_uri", "/test-login/secured/index.jsp");%> <%request.setAttribute("javax.servlet.forward.context_path", "/test-login");%> <%request.setAttribute("javax.servlet.forward.servlet_path", "/secured/index.jsp");%> u : <input type="text" name="j_username" size="40"></br> p : <input type="text" name="j_password" size="40"></br> <input type="submit" value="Login"> </form>
in the login.jsp page (defined as the form-login-page).
Logon process is sucessful but the request attributes I override are not used and I am still landing on the requested secured page instead of the secured welcome page.
Am I missing something ?
Thanks,
ionel -
4. Re: is j_uri exist in jboss???
starksm64 Feb 26, 2005 9:50 AM (in response to kenryu)All javax.servlet.forward.* attributes are set automatically when the web container forwards a request.
-
5. Re: is j_uri exist in jboss???
ionel Feb 26, 2005 12:32 PM (in response to kenryu)Is there a way to bypass this in order to archieve the same functionnality than the unofficial j_uri parameter ?
Being a "man-in-the-middle" and forcing these attributes is useless ?
I tought this was the solution as I understood your answer from the 02/21.
Ionel -
6. Re: is j_uri exist in jboss???
starksm64 Feb 27, 2005 10:07 PM (in response to kenryu)It seems that the j_uri information is available in the existing javax.servlet.forward.* attributes so you'll have to describe what that won't work. You can create your own valvle to replace the default form authenticator to include your non-standard attributes.
http://www.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves -
7. Re: is j_uri exist in jboss???
ionel Feb 28, 2005 1:06 PM (in response to kenryu)I tried j_uri set to :
- http://localhost:8080/test-login/secured/welcome.jsp
- /test-login/secured/welcome.jsp
- test-login/secured/welcome.jsp
- /secured/welcome.jsp
- secured/welcome.jsp
- /welcome.jsp
- welcome.jsp
but none of these worked.
I still land on the requested page.
I think I'll try to use a custom security valve.
Ionel -
8. Re: is j_uri exist in jboss???
ionel Mar 1, 2005 4:22 PM (in response to kenryu)I did this valve
public class FormRedirectAuthenticator extends FormAuthenticator { public boolean authenticate(HttpRequest request, HttpResponse response, LoginConfig arg2) throws IOException { boolean formOk = super.authenticate(request, response, arg2); if (formOk) { System.out.println("Performing changes ..."); request.setRequestURI("/test-login/secured/index.jsp"); request.setContextPath("/test-login"); request.setServletPath("/secured/index.jsp"); } return formOk; } }
Unfortunatly, I found no way to add it 'dynamicaly' to my exploded .war directory.
Two questions :
1/ may this valve worked if I find a way to add it ?
2/ how to add a Valve on a 'per-dynamic context' ?
Thanks,
Ionel
PS : sorry for this but I will cross-post on the tomcat forum