Good day to all,

when trying to access to a secured download/upload area on a hhtps
server with Apache + Tomcat , I have to go thru a login page.
Everything seems to go fine till the moment I try to submit the login
form (whose 'action' is set to 'j_security_check') when I receive
the 400 error message 'Invalid direct reference to form login page' ; at
this point any tentative to access to subsequent page fails as I am
resent to
the login page.
It is not a cookie problem as I use in the curl calls the -b option and
I can check with -v that the correct Jsessionid cookie is sent at each
step correctly to the server.
It doesn't seem neither to be a problem due to not have followed the
right steps before calling the login page (I just follow the one my
browser takes).

Here is a sample of the batch used:

curl -v -A "Mozilla/4.0 (MSIE 6.0; Windows NT)" --dump-header header.txt
-b header.txt https://site.to.access
https://site.to.access/portale/index.jsp
https://site.to.access/portale/servlet/Welcome/
https://site.to.access/portale/login.jsp
curl -v -A "Mozilla/4.0 (MSIE 6.0; Windows NT)" -d
"j_username=myusername&j_password=mypassword"
https://site.to.access/portale/j_security_check

I have very little knowledge about Apache and Tomcat,let's say none,
except for a few reading on the net about this error message.

Any help or hint would be greatly appreciated.

Philippe Paclet
Received on 2005-03-23