tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nathan McMinn" <nmcm...@charter.net>
Subject Re: Repost: Double Login
Date Wed, 08 Jan 2003 14:26:51 GMT
Nope, it is just HTTP BASIC authentication, running over SSL.  And there is
no magic url or domain trickery going on.  The really unusual part is that
with a memory realm, I didn't have this problem.  It only popped up after
switching to a JDBC Realm.

----- Original Message -----
From: "Troy J. Kelley" <tkelley@e-gineering.com>
To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
Sent: Wednesday, January 08, 2003 8:23 AM
Subject: RE: Repost: Double Login


> Are you using cookies or URL re-writing for session identifier?
>
> Are you doing anything funky with domain names or other such trickery
> which would cause your cookie to not be available upon doing the
> forward?
>
> -Troy
>
> -----Original Message-----
> From: Nathan McMinn [mailto:nmcminn@charter.net]
> Sent: Wednesday, January 08, 2003 9:07 AM
> To: tomcat-user@jakarta.apache.org
> Subject: Repost: Double Login
>
> Hi all,
>
> Some of you had been kind enough to assist with this issue I posted
> previously.  I had thought it was fixed, but it has appeared again.  Any
> ideas?
>
>
> I recently switched a web application from a memory realm to a JDBC
> realm
> for authentication.  After making the switch, the web app now requires
> that
> users log in twice.  The app is running with SSL, and using Basic
> authentication.  The Login.jsp page listed in the XML below as the
> welcome
> file simply sets up session objects, etc.  The first login occurs before
> the
> Login.jsp page will load.  Once all of the session setup is complete,
> the
> Login.jsp page forwards the user to the application's main menu.  It is
> at
> this point that the system asks for another login.  Has anyone seen this
> behavior before? I've already searched Google, JGuru, etc etc.  This is
> the
> current web.xml for the application having the problem.  Any help would
> be
> greatly appreciated.
>
> Thanks..
> Nathan McMinn
>
> <web-app>
>
>     <mime-mapping>
>       <extension>js</extension>
>       <mime-type>text/javascript</mime-type>
>     </mime-mapping>
>
>   <welcome-file-list>
>     <welcome-file>Login.jsp</welcome-file>
>   </welcome-file-list>
>
>     <security-constraint>
>       <display-name>WWEX Security Constraint</display-name>
>       <web-resource-collection>
>          <web-resource-name>DELETED</web-resource-name>
>          <!-- Define the context-relative URL(s) to be protected -->
>          <url-pattern>/*</url-pattern>
>       </web-resource-collection>
>       <auth-constraint>
>          <!-- Anyone with one of the listed roles may access this area
> -->
>          <role-name>user</role-name>
>       </auth-constraint>
>       <user-data-constraint>
>   <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>       </user-data-constraint>
>     </security-constraint>
>
>     <login-config>
>       <auth-method>BASIC</auth-method>
>       <realm-name>DELETED</realm-name>
>     </login-config>
>
> </web-app>
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-user-help@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>
>



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message