Discussions

General J2EE: j_security_check in weblogic

  1. j_security_check in weblogic (1 messages)

    Hi,

    When a web-application uses "j_security_check" , where does it store the name of the original page requested by the user (the one to which user should be redirected after a successful login ) ?

    For example, assuming the following scenario:

    (0) A web application contains a page "secret.html", which is a protected resource, declared to require login. Assume mode is "Form Based Login".

    (1) User is re-directed to "login.jsp", fills in "j_username" and "j_password", and submits them to "j_security_check".

    (2) "j_security_check" checks the user/password. If they are valid, it creates a "LoginContext", and then it has to goto ("secret.html").

    My question is where should i define on successfull login the secret.html page should be redirected and it should not ask for any authentication again for the resources which is under the same context of secret.html has.

    Thanks in advance for your answers
  2. Hi,

    weblogic servlet container stores requested url in a session object called "j_target_url"
    You can retrive it using:

      HttpSession session = request.getSession();
      String targetUrl = (String) session.getAttribute("j_target_url");


    Best regards, Stefano