Thursday, August 12, 2004

JAAS and Form-Authenticate Invalid direct reference to form login page Solution

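Tomcat
The notorious "Invalid direct reference to form login page" exception:
a complete fix.
Precondition:
Do not request the login page directly; let the Tomcat container invoke the login page itself when it is needed.

For the other Callbacker and other related issues, see the article from March 2004.

The key cause of "Invalid direct reference to form login page" is a misconfigured web.xml.
Take care never to leave out the following lines: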
<realm-name>FDS</realm-name>
<auth-constraint>
<role-name></role-name>
</auth-constraint>

Complete example:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>ehrm</display-name>
<description>ehrm JAAS</description>

<filter>
<filter-name>encodecontroler</filter-name>
<filter-class>com.goldpeak.ehrm.services.EncodeControler</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodecontroler</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>FMEntryPoint</servlet-name>
<servlet-class>com.gp.framework.control.web.MainServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FMEntryPoint</servlet-name>
<url-pattern>/control/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>/control/security/login</welcome-file>
</welcome-file-list>

<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/control/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name></role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>

</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>FDS</realm-name>
<form-login-config>
<form-login-page>/control/security/login</form-login-page>
<form-error-page>/config/error.jsp</form-error-page>
</form-login-config>

</login-config>
<!--security-role>
<description>A Funky User</description>
<role-name>FunkyUser</role-name>
</security-role-->

<env-entry>
<env-entry-name>DatabaseJNI</env-entry-name>
<env-entry-value>java:/MySqlDS</env-entry-value>
<env-entry-type>java.lang.String</env-entry-type>
</env-entry>

</web-app>
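
A way to check a deployment descriptor for the omissions described above before deploying it; this is an added example, not code from the original post. The function name `lint_form_login` and both sample descriptors are constructed for illustration, and the transport-guarantee check goes beyond the post's point by also reporting constraints that do not require TLS.

```python
import xml.etree.ElementTree as ET

def _text(parent, path):
    el = parent.find(path)
    return (el.text or "").strip() if el is not None else ""

def lint_form_login(web_xml):
    """Return a list of findings for a FORM-authenticated web.xml."""
    root = ET.fromstring(web_xml)
    for el in root.iter():  # web.xml 2.4+ is namespaced; drop the prefix
        if isinstance(el.tag, str) and "}" in el.tag:
            el.tag = el.tag.split("}", 1)[1]
    login = root.find("login-config")
    if login is None or _text(login, "auth-method").upper() != "FORM":
        return []  # not FORM authentication, nothing to check
    findings = []
    if not _text(login, "realm-name"):
        findings.append("login-config: realm-name missing or empty")
    for tag in ("form-login-page", "form-error-page"):
        if not _text(login, "form-login-config/" + tag):
            findings.append("form-login-config: " + tag + " missing or empty")
    constraints = root.findall("security-constraint")
    if not any(c.find("auth-constraint") is not None for c in constraints):
        findings.append("no security-constraint has an auth-constraint")
    for c in constraints:
        tg = _text(c, "user-data-constraint/transport-guarantee").upper()
        if tg in ("", "NONE"):
            name = _text(c, "web-resource-collection/web-resource-name")
            findings.append("constraint '" + name + "': TLS not required")
    return findings

# Constructed samples: BROKEN omits the lines the post says must not be left out.
BROKEN = """<web-app>
<security-constraint><web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/control/*</url-pattern></web-resource-collection></security-constraint>
<login-config><auth-method>FORM</auth-method><form-login-config>
<form-login-page>/control/security/login</form-login-page>
<form-error-page>/config/error.jsp</form-error-page>
</form-login-config></login-config></web-app>"""
FIXED = BROKEN.replace("</web-resource-collection>",
    "</web-resource-collection><auth-constraint><role-name></role-name></auth-constraint>"
    ).replace("<auth-method>FORM</auth-method>",
    "<auth-method>FORM</auth-method><realm-name>FDS</realm-name>")

if __name__ == "__main__":
    for label, doc in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_form_login(doc))
```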