Return-Path: Delivered-To: apmail-struts-user-archive@www.apache.org Received: (qmail 75573 invoked from network); 3 Jun 2008 19:20:50 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 3 Jun 2008 19:20:50 -0000 Received: (qmail 48352 invoked by uid 500); 3 Jun 2008 19:20:44 -0000 Delivered-To: apmail-struts-user-archive@struts.apache.org Received: (qmail 48323 invoked by uid 500); 3 Jun 2008 19:20:44 -0000 Mailing-List: contact user-help@struts.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Struts Users Mailing List" Reply-To: "Struts Users Mailing List" Delivered-To: mailing list user@struts.apache.org Received: (qmail 48312 invoked by uid 99); 3 Jun 2008 19:20:44 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Jun 2008 12:20:44 -0700 X-ASF-Spam-Status: No, hits=-1.0 required=10.0 tests=RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of jak-struts-user@m.gmane.org designates 80.91.229.2 as permitted sender) Received: from [80.91.229.2] (HELO ciao.gmane.org) (80.91.229.2) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Jun 2008 19:19:47 +0000 Received: from root by ciao.gmane.org with local (Exim 4.43) id 1K3c39-0006Ix-6B for user@struts.apache.org; Tue, 03 Jun 2008 19:20:03 +0000 Received: from cpe0016b5ef7ea1-cm0014e88ef4b4.cpe.net.cable.rogers.com ([99.233.20.4]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 03 Jun 2008 19:20:03 +0000 Received: from laurie by cpe0016b5ef7ea1-cm0014e88ef4b4.cpe.net.cable.rogers.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 03 Jun 2008 19:20:03 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: user@struts.apache.org From: Laurie Harper Subject: Re: login problem Date: Tue, 03 Jun 2008 15:16:27 -0400 Lines: 27 Message-ID: References: <785446.46878.qm@web33703.mail.mud.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: cpe0016b5ef7ea1-cm0014e88ef4b4.cpe.net.cable.rogers.com User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) In-Reply-To: <785446.46878.qm@web33703.mail.mud.yahoo.com> Sender: news X-Virus-Checked: Checked by ClamAV on apache.org Anet wrote: > Hi > I have a problem with "security-constraint" in tomcat 5.5. I use struts 1.2. > when we used tomcat 4.1.29, there were no problem with pages needed login. > with tomcat 5.5.17, I had to put role-names into my web.xml file to solve login problem. > But now I have another problem. > I have a form... needs login to be accessed. > the user logins successfully.the form is shown to him. > (in the code, saveToken() called ) > now he fills the form,but leaves his work,=>his session expired... > the user comes back.puts the submit button and redirects to login page. > he logins...and the process of submit should be done. > (in the code, isTokenValid(Request) called and returns false....) > it is expected to continue the process... > I didn't have this problem while using tomcat 4.1 . > Would you mind help me for it? I have no idea... If I understand you correctly, you are using container managed security and seeing an inconsistency in behaviour between Tomcat 4.1.29 and 5.5.17. Struts is not involved in CMS processing in any way, so I would suspect a Tomcat and/or configuration problem. Does it work as you expect if you take out the saveToken / isTokenValid stuff? If that fixes the problem, there may be Struts-related issue here. Otherwise, you should probably pursue this on the Tomcat forums. L. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@struts.apache.org For additional commands, e-mail: user-help@struts.apache.org