tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: How to prevent direct access to login.jsp
Date Tue, 09 Dec 2003 14:46:37 GMT
Sure

On 12/09/2003 02:52 PM Chaikin, Yaakov Y (US SSA) wrote:
> Tomcat 5 is a stable release now?
> 
> Yaakov Chaikin
> Software Engineer
> BAE SYSTEMS
> 301-838-6899 (phone)
> 301-838-6802 (fax)
> yaakov.y.chaikin@baesystems.com
> 
> 
> 
>>-----Original Message-----
>>From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
>>Sent: Tuesday, December 09, 2003 5:10 AM
>>To: Tomcat Users List
>>Subject: Re: How to prevent direct access to login.jsp
>>
>>On 12/08/2003 11:59 PM Chaikin, Yaakov Y (US SSA) wrote:
>>
>>>I realized that my user can mess himself by bookmarking the login
> 
> page
> 
>>>he is asked to log in. The login.jsp appears in the URL address in
> 
> the
> 
>>>browser...
>>>
>>>Does anyone know how to avoid this? How do I block that URL for the
> 
> user
> 
>>>and not for the server?
>>
>>Hi Yaakov,
>>I think the best way to deal with this situation is to configure
> 
> tomcat
> 
>>to catch the error status 403 or whatever it is and then serve up an
>>error page with a calm, logical explanation of why they shouldn't do
> 
> that.
> 
>>Or upgrade to tomcat 5.
>>
>>
>>Adam
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


-- 
struts 1.1 + tomcat 5.0.16 + java 1.4.2
Linux 2.4.20 Debian

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message