tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thill <>
Subject TC4 Realm Problem
Date Thu, 14 Feb 2002 15:05:26 GMT
I just started testing realms with the default
installation that comes with Tomcat 4.0.1, so I'm
using the MemoryRealm.  I'm having an issue where if I
place a servlet in a non-secure area and a jsp page in
a secure area that I can use:


from the servlet to seemingly bypass the security
addressed by the realm and forward right into the
secure area without authenticating.  Can anyone tell
me if this is by design, am I doing something wrong,
or if this is maybe a bug.

Mark T.

Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message