google app engine - GAE Guestbook Java tutorial. force authentication of /sign servlet causes 405 on redirect -
google app engine - GAE Guestbook Java tutorial. force authentication of /sign servlet causes 405 on redirect -
i've gone throught guestbook tutorial , i've been trying forcefulness authentication /sign servlet. here's i've set in web.xml
<servlet> <servlet-name>sign</servlet-name> <servlet-class>com.google.appengine.demos.guestbook.signguestbookservlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>sign</servlet-name> <url-pattern>/sign</url-pattern> </servlet-mapping> <security-constraint> <web-resource-collection> <web-resource-name>sign</web-resource-name> <url-pattern>/sign/*</url-pattern> <http-method>post</http-method> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> </security-constraint> when attempting sign guestbook redirected login screen correctly 1 time click on "log in" next error
error 405 http method not supported url so seems redirect instead of post.
any help appreciated!
i guess core of issue when user redirected google login page, google doesn't hand them application using post, think get, in summary uncertainty google login preserve original post signature , replay application 1 time user authenticated. 1 approach can go hide sign form if user not logged in , show message asking them click login link. illustration on guestbook.jsp line 80:
<% if (user != null) { %> <form action="/sign" method="post"> <div><textarea name="content" rows="3" cols="60"></textarea></div> <div><input type="submit" value="post greeting"/></div> <input type="hidden" name="guestbookname" value="${fn:escapexml(guestbookname)}"/> </form> <% } else { %> <span>please login first able sign guestbook (click login link above)</span> <% } %> i've not tested way.
other more involved alternative had utilize in past utilize filter in front end of servlet, remember user's original request in session, formulate login url, redirect user it, 1 time user handle original request, complex in case improve off explicitly inquire user authenticate first
java google-app-engine servlets post
Comments
Post a Comment