tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 6279] - Resubmit to j_security_check mistakenly fetches a page of that name
Date Mon, 11 Nov 2002 13:00:24 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279

Resubmit to j_security_check mistakenly fetches a page of that name





------- Additional Comments From Brian.Ewins@btinternet.com  2002-11-11 13:00 -------
Supplied a patch, tested with IE6, Mozilla and the admin webapp in the released
TC 4.1.

The behaviour with this patch is that when you attempt to access a secure
resource, you are forwarded to the login page. The login URL does not appear
in the browser. Logging in with correct credentials works, clicking back 
does not bring up the login screen (to me this looks contrary to the 
specced behaviour for user-agents, but it works).

Logging in with incorrect credentials brings up the error page (the URL /is/
shown here), clicking back takes you to the login page, if you correct your
credentials logging in works.

This means that -
- bookmarking login pages is no longer a problem as the login URL is never displayed
- clicking back to get to login pages never causes a problem - you never get to
see it unless its useful.

Seems like a winner?

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message