Databases
StackOverflow2013
Postsdbo
POSecure web apps in tomcat
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POSecure web apps in tomcat
    text
    copied!<p>I have a web app which runs in apache tomcat, I have used "j_security_check" to protect this application. My code are as follows,</p> <p><strong>login.jsp</strong></p> <pre><code>&lt;div id="loginForm"&gt; &lt;form id="loginfrm" method="post" action="j_security_check"&gt; &lt;table&gt; &lt;tr&gt; &lt;td&gt;User Name&lt;/td&gt; &lt;td&gt;&lt;input type="text" id="name" name="j_username" size="20" /&gt;&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td&gt;Password&lt;/td&gt; &lt;td&gt;&lt;input type="password" id="phone" name="j_password" size="20" /&gt;&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td&gt;&lt;/td&gt; &lt;td align="right"&gt;&lt;input type="submit" value="Login" id="submitButton"&gt;&lt;/td&gt; &lt;/tr&gt; &lt;/table&gt; &lt;/form&gt; &lt;/div&gt; </code></pre> <p><strong>web.xml</strong></p> <pre><code>&lt;web-app ...&gt; &lt;login-config&gt; &lt;auth-method&gt;FORM&lt;/auth-method&gt; &lt;realm-name&gt;Example Form-Based Authentication Area&lt;/realm-name&gt; &lt;form-login-config&gt; &lt;form-login-page&gt;/success.jsp&lt;/form-login-page&gt; &lt;form-error-page&gt;/error.jsp&lt;/form-error-page&gt; &lt;/form-login-config&gt; &lt;/login-config&gt; &lt;/web-app&gt; </code></pre> <p><strong>Error page,</strong></p> <pre><code>&lt;html&gt; &lt;head&gt; &lt;meta http-equiv="Content-Type" content="text/html; charset=UTF-8"&gt; &lt;title&gt;JSP Page&lt;/title&gt; &lt;/head&gt; &lt;body&gt; &lt;h1&gt;Login ERROR!&lt;/h1&gt; &lt;/body&gt; &lt;/html&gt; </code></pre> <p><strong>Success page</strong></p> <pre><code>&lt;html&gt; &lt;head&gt; &lt;meta http-equiv="Content-Type" content="text/html; charset=UTF-8"&gt; &lt;title&gt;JSP Page&lt;/title&gt; &lt;/head&gt; &lt;body&gt; &lt;h1&gt;Login Success&lt;/h1&gt; &lt;/body&gt; &lt;/html&gt; </code></pre> <p>Here when I give a wrong username and a wrong password, error page is showing successfully but when I give correct password and username it shows,</p> <pre><code>HTTP Status 400 - Invalid direct reference to form login page type Status report message Invalid direct reference to form login page description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page). Apache Tomcat/7.0.22 </code></pre> <p>please anyone could tell me where am I wrong?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload