0

when doing login in my login form which is based on j_security_check all ok. in that case I see that the path in JSESSIONID cookie has a value from the URL. but when a nother login page construct dynamic form (it is doing submit to the first login page with /j_security_check at the end of the url) to do the login it fails and I see JSESSIONID cookie has an empty value in the path.

when doing login/logout to the first page so the JSESSIONID still exist the login using the second login page works fine.

so I thought maybe possible to modify something in the j_security_check process to ok the empty path.

thanks.

user1703401
  • 11
  • 3

1 Answers1

0

This is default behaviour and work around for this will be to set default page in web.xml. So that once successfully logged when user directly tries to access login page, the application server will redirect to default page say welcome.jsp.

Remember to protect this page (welcome.jsp) either using servlet filter or j_security so that this page cannot be directly accessed without successful authentication.

web.xml

<welcome-file-list>
    <welcome-file>/app/welcome.jsp</welcome-file>
</welcome-file-list>
ad-inf
  • 1,520
  • 4
  • 30
  • 53