j_security_check
just doesn't seem enough for me to perform login process. So, instead of submitting the form to j_security_check i created my own servlet and in that i am programmatically trying to do login. This works but i am not able to redirect to my restricted resource. Can anybody tell me what can be the problem? This is processRequest
method of my servlet :-
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
try {
String strUsername = request.getParameter("txtusername");
String strPassword = request.getParameter("txtpassword");
if(strUsername == null || strPassword == null || strUsername.equals("") || strPassword.equals(""))
throw new Exception("Username and/or password missing.");
request.login(strUsername, strPassword);
System.out.println("Login succeeded!!");
if(request.isUserInRole(ROLES.ADMIN.getValue())){//enum
System.out.println("Found in Admin Role");
response.sendRedirect("/app/Admin/home.jsf");
}
else if (request.isUserInRole(ROLES.GENERAL.getValue()))
response.sendRedirect("/app/Common/index.jsf");
else //guard
throw new Exception("No role for user " + request.getRemoteUser());
}catch(Exception ex){
//patch work why there needs to be blogger here?
System.out.println("Invalid username and/or password!!");
response.sendRedirect("/app/Common/index.jsf");
}finally {
out.close();
}
}
Everything works fine and i can even see message "Found in Admin Role" but problem is even after authenticating i am not able to redirect my request to some other page.