Form Based Authentication in Separate Deployment
Locked
 
|
Hi all,
I deployed my application using seperate deployment. My applications orbeon context is /orbeon-development and my application's context is /sample and it contains the xforms-jsp directory for the XForms pages. My instance is <xforms:instance id ="login-instance"> <login xmlns=""> <j_username /> <j_password /> </login> </xforms:instance> for the username control ref="instance('login-instance')/j_username" and for password field ref="instance('login-instance')/j_password" what is the absolute or relative url for posting to j_security_check. -- Phani. S M.Tech(Software Engineering) Motilal Nehru National Institute of Technology (+91) 9010093398 -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws |
|
|
I used the html form instead of xforms. It works fine. If the login is successful then it is forwarding to the correct page. But if the login information is wrong it is giving the correct page but with the URL http://localhost/sample/xforms-jsp/j_security_check. Why it is not giving the correct page when it is doing correctly for the success.
I am using 3.7.1.200910310400. One alternative I am thinking is to forward to a servlet, the servlet will redirect to the error page. instead of directly sending to error page. I don't know whether it works or not. Can some body suggest me what can be done to get the browser URL as expected. On Sat, Oct 31, 2009 at 8:04 PM, Phani Sajja <[hidden email]> wrote: Hi all, -- Phani. S M.Tech(Software Engineering) Motilal Nehru National Institute of Technology (+91) 9010093398 -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws |
Re: Re: Form Based Authentication in Separate Deployment
Administrator
|
Phani,
On Sun, Nov 1, 2009 at 12:11 AM, Phani Sajja <[hidden email]> wrote: > I used the html form instead of xforms. It works fine. If the login is > successful then it is forwarding to the correct page. But if the login > information is wrong it is giving the correct page but with the URL > http://localhost/sample/xforms-jsp/j_security_check. Why it is not giving > the correct page when it is doing correctly for the success. If the login is correct, it should redirect you to the page you were trying to access in the first place. I.e. if you initially went to http://localhost/sample/gaga, you should be redirected there. This is not what is happening? Alex -- Orbeon Forms - Web forms, open-source, for the Enterprise Orbeon's Blog: http://www.orbeon.com/blog/ My Twitter: http://twitter.com/avernet -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws
--
Follow Orbeon on Twitter: @orbeon Follow me on Twitter: @avernet |
|
|
Hi Alex,
If the login is correct it is correctly forwarding to the page which is requested. For example if the secure page is http://localhost/sample/xforms-jsp/securedpage. If the login is correct it is forwarding to the page http://localhost/sample/xforms-jsp/securedpage and the browsers url also appeearing as expected such as http://localhost/sample/xforms-jsp/securedpage. But if the login credentials are incorrect it is giving the error page with the browser url http://localhost/sample/xforms-jsp/j_security_check. I solved this by specifying a ErrorServlet in deployment descriptor instead of direct page such as error.xhtml. In ErrorServlet I use sendRedirect to redirect to the error page. It worked fine. Just for curiosity, I want to know the reason why j_security_check ( like xforms_server_submit ) url appearing in browser for in correct login. On Thu, Nov 12, 2009 at 5:05 AM, Alessandro Vernet <[hidden email]> wrote: Phani, -- Phani. S M.Tech(Software Engineering) Motilal Nehru National Institute of Technology (+91) 9010093398 -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws |
Re: Re: Re: Re: Form Based Authentication in Separate Deployment
|
Administrator
|
Phani,
On Wed, Nov 11, 2009 at 11:18 PM, Phani Sajja <[hidden email]> wrote: > If the login is correct it is correctly forwarding to the page > which is requested. For example if the secure page is > http://localhost/sample/xforms-jsp/securedpage. If the login is correct it > is forwarding to the page http://localhost/sample/xforms-jsp/securedpage and > the browsers url also appeearing as expected such as > http://localhost/sample/xforms-jsp/securedpage. But if the login credentials > are incorrect it is giving the error page with the browser url > http://localhost/sample/xforms-jsp/j_security_check. > I solved this by specifying a ErrorServlet in deployment descriptor > instead of direct page such as error.xhtml. In ErrorServlet I use > sendRedirect to redirect to the error page. It worked fine. Just for > curiosity, I want to know the reason why j_security_check ( like > xforms_server_submit ) url appearing in browser for in correct login. curious as well :). When the login fails, you should be taken to the page specified in <form-error-page> of your web.xml. So you should only get to j_security_check when you POST the login/password, and then you should be redirected to either (a) if the login is successful: the you were trying to get to in the first page, (b) if the login failed: the page you specified in <form-error-page>. What did you have in <form-error-page>? Alex -- Orbeon Forms - Web forms, open-source, for the Enterprise Orbeon's Blog: http://www.orbeon.com/blog/ My Twitter: http://twitter.com/avernet -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws
--
Follow Orbeon on Twitter: @orbeon Follow me on Twitter: @avernet |
|
|
Alex,
In <form-error-page> I put error.xhtml page. Which says that invalid user/password and also ask for the user again the login credentials. But the browser url showing j_security_check. In order to point to the error.xhtml page I replaced error.xhtml page with a servlet. Servlet just redirects to the error.xhtml page. After you raised that it is not related ro Orbeon Forms, I run a sample application not related to Orbeon Forms. I observed that it is not related to Orbeon. It is related to j_security_check. It looks to me like this is not related to Orbeon Forms, but I am curious as well :). When the login fails, you should be taken to the -- Phani. S M.Tech(Software Engineering) Motilal Nehru National Institute of Technology (+91) 9010093398 -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws |
Re: Re: Re: Re: Re: Re: Form Based Authentication in Separate Deployment
|
Administrator
|
Phani,
On Fri, Nov 13, 2009 at 9:46 AM, Phani Sajja <[hidden email]> wrote: > In <form-error-page> I put error.xhtml page. Which says that invalid > user/password and also ask for the user again the login credentials. But the > browser url showing j_security_check. The browser window has j_security_check in the URL, but does it show error.xhtml? If it does, maybe this is the way it is supposed to work. (And thanks for confirming that this is not related to Orbeon Forms; still we like here to figure things out!) Alex -- Orbeon Forms - Web forms, open-source, for the Enterprise Orbeon's Blog: http://www.orbeon.com/blog/ My Twitter: http://twitter.com/avernet -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws
--
Follow Orbeon on Twitter: @orbeon Follow me on Twitter: @avernet |
|
|
Alex,
Yes, It is showing error.xhtml page. On Sat, Nov 14, 2009 at 7:46 AM, Alessandro Vernet <[hidden email]> wrote: Phani, -- Phani. S M.Tech(Software Engineering) Motilal Nehru National Institute of Technology (+91) 9010093398 -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws |
Re: Re: Re: Re: Re: Re: Re: Re: Form Based Authentication in Separate Deployment
|
Administrator
|
Phani,
On Fri, Nov 13, 2009 at 9:07 PM, Phani Sajja <[hidden email]> wrote: > Yes, It is showing error.xhtml page. OK, then I'd think this is just how it is supposed to work. Tomcat does a forward (server-side redirect) to error.xhtml, but the browser still has the URL with the j_security_check. Alex -- Orbeon Forms - Web forms, open-source, for the Enterprise Orbeon's Blog: http://www.orbeon.com/blog/ My Twitter: http://twitter.com/avernet -- You receive this message as a subscriber of the [hidden email] mailing list. To unsubscribe: mailto:[hidden email] For general help: mailto:[hidden email]?subject=help OW2 mailing lists service home page: http://www.ow2.org/wws
--
Follow Orbeon on Twitter: @orbeon Follow me on Twitter: @avernet |
«
Return to Orbeon Forms community mailing list
|
1 view|%1 views
| Free forum by Nabble | Edit this page |