Orbeon Forms community mailing list
Login  Register

authentication samples

classic Classic list List threaded Threaded
4 messages Options Options
 
Embed post
Permalink
hodack
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink
Aug 23, 2007; 10:21am

authentication samples

hodack
Hi,

In the authentication samples, if login is not successful, password and
username are transmitted in clear in the URL, is it possible to change
this behavior ?

Thanks.



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
hodack
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink
Aug 24, 2007; 8:30am

Re: authentication samples

hodack
To be more precise, here is what appears on the URL bar :
ops/j_security_check?j_username=username&j_password=psswd
if authentication is not successful.


Kim-Vân Ho-Dac a écrit :
> Hi,
>
> In the authentication samples, if login is not successful, password
> and username are transmitted in clear in the URL, is it possible to
> change this behavior ?
>
> Thanks.
>




--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Alessandro Vernet
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink
Sep 12, 2007; 4:02am

Re: authentication samples

Alessandro Vernet
Administrator
On 8/24/07, Kim-Vân Ho-Dac <[hidden email]> wrote:
> To be more precise, here is what appears on the URL bar :
> ops/j_security_check?j_username=username&j_password=psswd
> if authentication is not successful.

Yes, it is just a matter of adding method="post" on the form used to
get the login/password in login.xhtml. And you are right, we should do
that. So I modified to example to add method="post".

Alex
--
Orbeon Forms - Web 2.0 Forms, open-source, for the Enterprise
http://www.orbeon.com/



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Vlad
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink
Jul 22, 2012; 9:14pm

Re: authentication samples

Vlad
Hello,

I'm having a Java authentication - related problem . After clicking login in the form (login.xhtml) I get the following error (the URL I see in the address bar is localhost:8080/orbeon/j_security_check) :


Orbeon Forms - Page Not Found

We are sorry, but the resource you have requested is not available on this server.


Maybe that's not the correct URL for j_security_check ?

I get this error in any application , as well as java-authentication example application.

This is my <login-config> element in web.xml :

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/java-authentication/login</form-login-page>
            <form-error-page>/java-authentication/login-error</form-error-page>
        </form-login-config>
    </login-config>

The pop-up authentication works fine , only the one from the interface "throws" that error.

Just to mention it , I didn't change the content of login.xhtml , it's the default one ; it uses POST and the form action attr is "/j_security_check" :

<form action="/j_security_check" method="post">


Thank you !
Free forum by Nabble Edit this page