Home/ Questions/Q 8262735
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T03:51:17+00:00

I have a web project working fine in JBOSS with form-based auth. But when

  • 0

I have a web project working fine in JBOSS with form-based auth. But when i deploy the same in websphere 7 i am getting HTTP 500 error.

My web.xml

<display-name>Test</display-name>
<filter>
    <filter-name>struts2</filter-name>
    <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter-mapping>
    <filter-name>struts2</filter-name>
    <url-pattern>*.action</url-pattern>
</filter-mapping>

<welcome-file-list>
    <welcome-file>index.html</welcome-file>
</welcome-file-list>
<listener>
    <listener-class>org.apache.tiles.web.startup.TilesListener</listener-class>
</listener>
<context-param>
    <param-name>org.apache.tiles.impl.BasicTilesContainer.DEFINITIONS_CONFIG</param-name>
    <param-value>/WEB-INF/tiles.xml</param-value>
</context-param>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>test_actions</web-resource-name>
        <description></description>
        <url-pattern>*.action</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description></description>
        <role-name>testuser</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <security-role>
    <description></description>
    <role-name>testuser</role-name>
  </security-role>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Default</realm-name>
    <form-login-config>
        <form-login-page>/login_form.jsp</form-login-page>
        <form-error-page>/login_error.jsp</form-error-page>
    </form-login-config>
</login-config>

index.html

<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    <title>TEST</title>
</head>
<body onload="document.MainForm.submit();">
    <form action="welcomeAction.action" method="post" id="MainForm" name="MainForm">
</form>
</body>
</html>

I have an interceptor AuthorizationInterceptor which extends RolesInterceptor and this interceptor actually check users exsists in our DB request.getUserPrincipal().getName() is used for getting userid.So when welcomeAction.action is called it should have come to AuthorizationInterceptor,but request never reaches here.

In websphere i have enabled global security. Websphere LoginForm example works fine. Should i have to right an j_security_check filter by myself? or websphere webcontainer handle this. (In LoginForm i have seen LoginFilter code). But i believe websphere webcontainer should handle the j_security_check stuff like jboss or tomcat..

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have to create a custom form and submit to j_security_check. WebSphere does not handle this by default.
    Refer: http://www.redbooks.ibm.com/abstracts/tips0220.html?Open

    • 0