tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vincenzo Marchese <>
Subject Re: Invalid direct reference to form login page
Date Thu, 09 May 2002 09:20:20 GMT
What do you have in your form-login and form-error node in web.xml file 
and what is are the protected urls ?
login page Must not be directly accessed by any of your pages (you know 

if you protected correctly your contexts you should be automatically 
redirected to login page.
you should never redirect in your code to login -page because is a 
server competence.

can you post an excerpt from your web.xml and server.xml (or app conf 
file) files ?

Best regards,

Lisa van Gelder wrote:

>Hi guys
>I am running Tomcat 4.0.1. I have tomcat set up to authenticate using a jdbc
>realm and it automatically forwards you to the login page when you are not
>logged in.
>The problem is that when you are not logged in and you try and access a
>page, often you get the following message:
>type Status report
>message Invalid direct reference to form login page
>description The request sent by the client was syntactically incorrect
>(Invalid direct reference to form login page).
>I understand that you are not permitted to reference the login page
>directly, but this happens irrespective of the url you are trying to access:
>ie: http://myserver/myapp/index.jsp which is completely seperate to my login
>page. The only way to get into my app is to retype the url and try again.
>Apologies if this is something simple - I have searched the archives and not
>found a solution.
>thanks in advance
>To unsubscribe, e-mail:   <>
>For additional commands, e-mail: <>

   "The intrepid Spaceman Spiff is stranded on a distant planet!
   ..our hero ruefully acknowledges that this happens fairly
   frequently.."              --- Calvin and Hobbes
      Vincenzo  Marchese
        ARSRETIA S.r.l.
      Via D. Sansotta, 97
        00144 Roma (IT)
     Tel.: +39 06 52270097
     Fax: +39 06 52272313

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message