Debugging j_security_check data

Debugging j_security_check data

Home
>Discussions
>General J2EE
> Debugging j_security_check data

Discussions

General J2EE: Debugging j_security_check data

Get thread feed

Debugging j_security_check data (1 messages)
- Posted by: Thomas Rolf
- Posted on: October 21 2008 03:34 EDT
Is there anyway to see what is posted to j_security_check when doing a form based login? I.E. I want to see what username and password the user inputs... the username is easily seen in the log (and request.getRemoteUser()) but the pw.. Thanks!

Reply to this
Threaded Messages (1)
- Try Servlet filter by Rahul Mohan on October 21 2008 06:26 EDT
Try Servlet filter[ Go to top ]
- Posted by: Rahul Mohan
- Posted on: October 21 2008 06:26 EDT
- in response to Thomas Rolf
In form-based encoding, the password is sent in cleartext by the browser. Its the server which does the encoding and authentication. (see: http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/2.1.0/realm-howto.html ) However, you can try writing a filter to fetch the j_password from the request. Remember to keep the filter pattern different from the protected url pattern. Please reply if you find a solution.

Reply to this Reply to original

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site | Media Kits | Reprints | Site Map

All Rights Reserved, Copyright 2000 - 2,017, TechTarget | Terms of Use | Read our Privacy Statement

TechTarget - The IT Media ROI Experts