tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From B...@sjm.com
Subject RE: j_security_check is not found
Date Fri, 28 Jun 2002 21:34:36 GMT
Hi,

Thanks for the replies.

Is there any way to tell j_security_check to go to a certain predetermined
page if a POST is requested without a forward to page?

Thanks.

Bao-Ha Dam Bui
bbui@sjm.com
S. Jude Medical, Inc
651.765.1018


-----Original Message-----
From: Rick Yoesting [mailto:ryoesting@mac.com] 
Sent: Friday, June 28, 2002 4:27 PM
To: Tomcat Users List
Subject: Re: j_security_check is not found

2336 is the number of bytes transferred.

See http://www.bacuslabs.com/WsvlCLF.html for a quick intro to the 
Common Log Format.

The log format is controlled by the "pattern" attribute of your 
<Valve .../> element 
(http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/valve.html).

Rick

On Friday, June 28, 2002, at 02:35 PM, Eric Everman wrote:

> I don't know what the 2336 is.  You would have to check the Tomcat docs 
> to see what its logging.
>
> ee
>
> At 02:20 PM 6/28/2002, you wrote:
>> 127.0.0.1 - csdsfwt [28/Jun/2002:10:48:41 -0600] "POST
>> /security/j_security_check HTTP/1.1" 200 2336
>>
>> do you know what is the number "2336" at the end of the log string 
>> means or
>> signifies?
>>
>> Is that the thread ID to forward to?
>>
>> Bao-Ha Dam Bui
>> bbui@sjm.com
>> S. Jude Medical, Inc
>> 651.765.1018
>>
>>
>> -----Original Message-----
>> From: Eric Everman [mailto:everman@precedadesign.com]
>> Sent: Friday, June 28, 2002 11:53 AM
>> To: Tomcat Users List
>> Subject: Re: j_security_check is not found
>>
>> I can't think of any other way for a server to handle this - the user 
>> will
>> just have to live with the error page or navigate around it.
>>
>> When a user attempts to access a protected resource, they are 
>> forwarded to
>> the login page which posts to j_security_check.  If the login is
>> successful, j_security_check redirects the user to the originally 
>> request
>> resource.  If there is no 'originally request resource' because the 
>> user is
>> attempting to access j_s_c directly, there is no place for j_s_c to
>> redirect to - I'm guessing this is why it sends back the 404 error 
>> response.
>>
>> Most browsers warn the user if they need to re-post information in 
>> order to
>> 'go back' since post means that you are *changing* something on the 
>> server
>> as a result of your action - in this case logging in, in other cases
>> placing a second purchase order for 1000 shares of your favorite stock.
>>
>> In short, tell this person not to ignore the 're-post' warning.  Some
>> things aren't as good the second time ;-)
>>
>> Eric Everman
>>
>> At 10:51 AM 6/28/2002, you wrote:
>> >Hi,
>> >
>> >I am using FORM-BASED authentication.  When a user accesses the 
>> secured
>> area
>> >the first time, the login form is loaded and authentication works 
>> fine.
>> >However, if he/she happens to click on the "Back" button, go to the 
>> Login
>> >form and logs in again (the second time for this session), she gets 
>> 404
>> >error and the page that can not be found is login/j_security_check.
>> >
>> >Can anyone tell me what I should do or where to look?  In the
>> >localhost_access_log, this is the log for the first authentication:
>> >
>> >127.0.0.1 - - [28/Jun/2002:10:48:28 -0600] "POST 
>> /security/j_security_check
>> >HTTP/1.1" 302 647
>> >
>> >this is log for the second attempt:
>> >
>> >127.0.0.1 - csdsfwt [28/Jun/2002:10:48:41 -0600] "POST
>> >/security/j_security_check HTTP/1.1" 200 2336
>> >
>> >As you can see, the second attempt showed the user's name used to
>> >authenticate the first login.
>> >
>> >What do you think this means?
>> >
>> >Thanks very much.
>> >
>> >Bao-Ha Dam Bui
>> >bbui@sjm.com
>> >S. Jude Medical, Inc
>> >651.765.1018
>> >
>>
>>
>> --
>> To unsubscribe, e-mail:
>> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>> For additional commands, e-mail:
>> <mailto:tomcat-user-help@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail:   <mailto:tomcat-user-
> unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-user-
> help@jakarta.apache.org>
>


--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message