tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Everman <ever...@precedadesign.com>
Subject RE: j_security_check is not found
Date Fri, 28 Jun 2002 19:35:32 GMT
I don't know what the 2336 is.  You would have to check the Tomcat docs to 
see what its logging.

ee

At 02:20 PM 6/28/2002, you wrote:
>127.0.0.1 - csdsfwt [28/Jun/2002:10:48:41 -0600] "POST
>/security/j_security_check HTTP/1.1" 200 2336
>
>do you know what is the number "2336" at the end of the log string means or
>signifies?
>
>Is that the thread ID to forward to?
>
>Bao-Ha Dam Bui
>bbui@sjm.com
>S. Jude Medical, Inc
>651.765.1018
>
>
>-----Original Message-----
>From: Eric Everman [mailto:everman@precedadesign.com]
>Sent: Friday, June 28, 2002 11:53 AM
>To: Tomcat Users List
>Subject: Re: j_security_check is not found
>
>I can't think of any other way for a server to handle this - the user will
>just have to live with the error page or navigate around it.
>
>When a user attempts to access a protected resource, they are forwarded to
>the login page which posts to j_security_check.  If the login is
>successful, j_security_check redirects the user to the originally request
>resource.  If there is no 'originally request resource' because the user is
>attempting to access j_s_c directly, there is no place for j_s_c to
>redirect to - I'm guessing this is why it sends back the 404 error response.
>
>Most browsers warn the user if they need to re-post information in order to
>'go back' since post means that you are *changing* something on the server
>as a result of your action - in this case logging in, in other cases
>placing a second purchase order for 1000 shares of your favorite stock.
>
>In short, tell this person not to ignore the 're-post' warning.  Some
>things aren't as good the second time ;-)
>
>Eric Everman
>
>At 10:51 AM 6/28/2002, you wrote:
> >Hi,
> >
> >I am using FORM-BASED authentication.  When a user accesses the secured
>area
> >the first time, the login form is loaded and authentication works fine.
> >However, if he/she happens to click on the "Back" button, go to the Login
> >form and logs in again (the second time for this session), she gets 404
> >error and the page that can not be found is login/j_security_check.
> >
> >Can anyone tell me what I should do or where to look?  In the
> >localhost_access_log, this is the log for the first authentication:
> >
> >127.0.0.1 - - [28/Jun/2002:10:48:28 -0600] "POST /security/j_security_check
> >HTTP/1.1" 302 647
> >
> >this is log for the second attempt:
> >
> >127.0.0.1 - csdsfwt [28/Jun/2002:10:48:41 -0600] "POST
> >/security/j_security_check HTTP/1.1" 200 2336
> >
> >As you can see, the second attempt showed the user's name used to
> >authenticate the first login.
> >
> >What do you think this means?
> >
> >Thanks very much.
> >
> >Bao-Ha Dam Bui
> >bbui@sjm.com
> >S. Jude Medical, Inc
> >651.765.1018
> >
>
>
>--
>To unsubscribe, e-mail:
><mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail:
><mailto:tomcat-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message