tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 20816] New: - Realm Authentication does not restore Original "POST" request.
Date Mon, 16 Jun 2003 15:29:10 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20816>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20816

Realm Authentication does not restore Original "POST" request.

           Summary: Realm Authentication does not restore Original "POST"
                    request.
           Product: Tomcat 4
           Version: 4.1.18
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: raman@zed-axis.com


The Form Based Realm Authentication is not able to recreate the original post 
request.

To recreate the problem:

-Request a page protected with Form Based authentication.
-Login to the application.
-Stop at a page which has a form with method "POST", till session times 
out/context is reloaded.
-After session times out, Hit the submit button, you will be asked to login 
again.
-org.apache.catalina.authenticator.FormAuthenicator saves the request 
parameters with the request in session, before taking you to the login page.
-After successful login, it should take you to the orgininal URI requested 
along with FORM parameters.

But one gets redirected to the original request URI. All the parameters with 
the request are lost.

Either the user should be forwarded to the original request URI, or the Form 
Parameters with the original request should be saved as query string to be 
appended to the request URI, so that even after redirecting to the original 
URI, we have access to the parameters.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message