tomcat-dev mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 13861] - Authentication / SSL conflict (web.xml security-constraint auth-constraint user-data-constraint)
Date Thu, 17 Jul 2003 23:04:05 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13861>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13861

Authentication / SSL conflict (web.xml security-constraint auth-constraint user-data-constraint)

------- Additional Comments From medthomas@ntlworld.com  2003-07-17 23:04 -------
As far as I can tell this is an IE bug. Using the snoop example, Tomcat first 
redirects to SSL and then performs a second redirect to the form login jsp.
The response sent by IE to the first redirect comes in on port 8443 but the 
request headers refer to port 8080 (read in 
org.apache.coyote.http11.Http11Processor.parseHost()). This causes the second 
redirect to fail because the port in the request is used when constructing the 
second redirect.

You will not see this problem if the standard ports are used because Tomcat 
defaults to these if the port is not specified in the headers.

Workarounds are as suggested in the previous posts:
1. Use the standard ports
2. Use a two-stage redirect

I'll start a discussion on the developers list to gather opinions as to what, 
if anything, we should do about what looks very much like an IE bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
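
The port handling described in the comment above, as an added example that is not part of the original message and is not Tomcat's code: a simplified model of building the login redirect from the Host header, plus a check that compares the header port with the port the connection arrived on. The class and method names, the `/app/login.jsp` path and the sample Host values are constructed for illustration.

```java
public class HostPortRedirectDemo {
    // Port taken from the Host header; scheme default when the header carries none.
    static int portFromHost(String hostHeader, boolean secure) {
        int colon = hostHeader.lastIndexOf(':');
        if (colon < 0 || hostHeader.endsWith("]")) { // no port, or a bare IPv6 literal
            return secure ? 443 : 80;
        }
        return Integer.parseInt(hostHeader.substring(colon + 1));
    }

    // Host name part of the header, with any port suffix removed.
    static String nameFromHost(String hostHeader) {
        int colon = hostHeader.lastIndexOf(':');
        return (colon < 0 || hostHeader.endsWith("]"))
                ? hostHeader : hostHeader.substring(0, colon);
    }

    // Second redirect (to the login page), built only from header-derived values.
    static String loginRedirect(String hostHeader, boolean secure, String loginPath) {
        String scheme = secure ? "https" : "http";
        int port = portFromHost(hostHeader, secure);
        boolean isDefault = port == (secure ? 443 : 80);
        return scheme + "://" + nameFromHost(hostHeader)
                + (isDefault ? "" : ":" + port) + loginPath;
    }

    public static void main(String[] args) {
        // Constructed cases: {label, Host header, port the TLS connection arrived on}
        String[][] cases = {
            {"non-standard ports, Host matches connection", "localhost:8443", "8443"},
            {"non-standard ports, stale Host (as in the comment)", "localhost:8080", "8443"},
            {"standard ports, Host carries no port", "localhost", "443"},
        };
        for (String[] c : cases) {
            int headerPort = portFromHost(c[1], true);
            int localPort = Integer.parseInt(c[2]);
            System.out.printf("%s%n  Host: %s -> %s%n  header port %d vs connection port %d: %s%n",
                    c[0], c[1], loginRedirect(c[1], true, "/app/login.jsp"),
                    headerPort, localPort,
                    headerPort == localPort ? "consistent" : "MISMATCH");
        }
    }
}
```

In the second case the redirect points at `https://localhost:8080/app/login.jsp`, the plain HTTP connector's port, while the third case shows why the standard ports hide the problem: with no port in the header the scheme default is used.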

