Debugging j_security_check data

Discussions

General J2EE: Debugging j_security_check data

  1. Debugging j_security_check data (1 messages)

    Is there anyway to see what is posted to j_security_check when doing a form based login? I.E. I want to see what username and password the user inputs... the username is easily seen in the log (and request.getRemoteUser()) but the pw.. Thanks!

    Threaded Messages (1)

  2. Try Servlet filter[ Go to top ]

    In form-based encoding, the password is sent in cleartext by the browser. Its the server which does the encoding and authentication. (see: http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/2.1.0/realm-howto.html ) However, you can try writing a filter to fetch the j_password from the request. Remember to keep the filter pattern different from the protected url pattern. Please reply if you find a solution.