tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 32837] - double login when using ;jsessionid=
Date Sun, 06 Mar 2005 09:24:27 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=32837>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=32837





------- Additional Comments From tom@tbee.org  2005-03-06 10:24 -------
Since I also had problems with relogin and the session data getting lost, and 
with JNLP files having no-cache settings under IE, I decided to leave the 
Tomcat authentication and write a security filter (doing both BASIC and FORM 
login).

During development I noticed that even though Java Web Start can mimick a 
session (using ";jsessionid=xxxx"), the load-the-jar routines work outside this 
connection and the downloads cause the authentication popup.

So there indeed is no error in Tomcat and the solution should be searched in 
fine tuning the secured domain or convincing JWS to use the established session.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message