Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 58855 invoked from network); 15 Oct 2003 08:57:39 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 15 Oct 2003 08:57:39 -0000 Received: (qmail 4999 invoked by uid 500); 15 Oct 2003 08:56:52 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 4978 invoked by uid 500); 15 Oct 2003 08:56:52 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 4964 invoked from network); 15 Oct 2003 08:56:51 -0000 Received: from unknown (HELO moutng.kundenserver.de) (212.227.126.177) by daedalus.apache.org with SMTP; 15 Oct 2003 08:56:51 -0000 Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1A9hSq-00051D-00 for tomcat-user@jakarta.apache.org; Wed, 15 Oct 2003 10:57:04 +0200 Received: from [80.128.15.56] (helo=cyberspaceroad.com) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1A9hSq-0008V0-00 for tomcat-user@jakarta.apache.org; Wed, 15 Oct 2003 10:57:04 +0200 Message-ID: <3F8D0BB5.3050609@cyberspaceroad.com> Date: Wed, 15 Oct 2003 10:56:21 +0200 From: Adam Hardy User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20030925 X-Accept-Language: de-de, en, en-us MIME-Version: 1.0 To: Tomcat Users List Subject: Re: TC5 ssl form-based authentication & mozilla References: <3F8C28F2.90801@cyberspaceroad.com> <3F8D0637.4080905@jboss.org> In-Reply-To: <3F8D0637.4080905@jboss.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On 10/15/2003 10:32 AM Remy Maucherat wrote: >> With this security: >> >> >> SSL 4 Login >> /login.do >> >> >> user >> admin >> >> >> CONFIDENTIAL >> >> >> when I try to login to my login.do mapping, in mozilla I get repeated >> login requests from tomcat. The first time twice only, the 2nd time 5 >> times, 3rd time 10 times etc etc. >> >> I can see from my logging that the realm login is successful, but >> tomcat keeps giving the login page as stated. >> >> This does not happen in IE6 or lynx, in which the login works as normal. >> >> Has anybody else experienced this? > > > Did you get correctly switched to SSL mode ? > Yes. I have reduced the webapp to a minimum and bundled it in a war at http://www.cyberspaceroad.com/test.war (right click it & "save target as...") if you want to see what I'm doing. It contains the struts.jar and is therefore 0.85MB. If you don't have broadband I can bundle it without the jars too. Sometimes the ssl form-based authentication loops on the login page, and sometimes it gives the "invalid direct reference" error. As mentioned above, the non-SSL normal form-based login works fine. In IE6 it works fine too. Rgds Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org