Hello
I have an Java / Tomcat application which creates a cookie for a user when they visit the homepage. This cookie is used to recognize that user on subsequent visits and generate recent lists. These are working well and so far without any type of authentication of the user using Tomcat itself. Which brings me to my issue:
On certain pages of my application, users have the option to post comments or save content created, and of course to maintain their profiles. So what I'm trying to do is have users login on these pages so that the relevant operation can be carried out, e.g. if posting a comment, the user must first login from the current page which is not specifically intended as a login page, rather it displays content created. Or to access a profile page, login must have occurred. I can then record the login in a session variable.
But when I try to login to Tomcat, I am given message 'Invalid direct reference to form login page' but do not quite see why. In my pages, I'm using login code provided with Tomcat, i.e.:
<div id = "login">
<form method = "POST" action='<%= response.encodeURL("j_security_check") %>' >
<table border="0">
<tr>
<th align = "right">Username</th>
<td align = "left"><input type="text" name="j_username"></td>
</tr>
<tr>
<th align = "right">Password</th>
<td align = "left"><input type="password" name="j_password"></td>
</tr>
<tr>
<td align = "right"><input type="submit" value="Log In"></td>
<td align = "left"><input type="reset"></td>
</tr>
</table>
</form>
</div>
I've also tried using a default login page with an HTML iframe but the same message occurs. What I want is for the login to work from the current above, authenticate the user, and then return the user to the page.
Is anyone able to advise? Do I need to use realms in Tomcat or something else?
I'm using Tomcat 6.X.
Thanks
Mr Morgan.