I guess this was a bug in 5.0.28 according to the servlet spec
(SRV.8.4). If anyone else runs into this issue, the solution is pretty
easy:

String origRequestUrl =
request.getAttribute("javax.servlet.forward.request_uri")


-----Original Message-----
From: Aaron Loucks [mailto:aaronl@GardnerInc.com] 
Sent: Friday, October 28, 2005 12:39 PM
To: users@tomcat.apache.org
Subject: login config bug? request.getRequestURL() returns
form-login-page in Tomcat 5.5.12

request.getRequestURL() is returning the uri of the <form-login-page>
element instead of the original request url in 5.5.12. Is this a bug or
was this intended to be this way? If this is supposed to return the
form-login-page, how do I get the original request URL? Tomcat 5.0.x did
not behave this way -- getRequestURL() returned the original request.

 

For example:

 

web.xml:

 

...

<security-constraint>

  <web-resource-collection>

    <web-resource-name>protected</web-resource-name>

      <url-pattern>/some_protected_url</url-pattern>

    </web-resource-collection>

    <auth-constraint>

      <role-name>admin</role-name>

    </auth-constraint>

  </web-resource-collection>

</security-constraint>

 

<login-config>

  <auth-method>FORM</auth-method>

  <form-login-config>

    <form-login-page>/WEB-INF/login.jsp</form-login-page>

  </form-login-config>

</login-config>

...

 

-----------------

Request to: http://localhost:8080/some_protected_url

------------------

 

login.jsp:

 

...

System.out.println(request.getRequestURL()) // prints
"/WEB-INF/login.jsp" in Tomcat 5.5.12

 

 

...

System.out.println(request.getRequestURL()) // prints
"/some_protected_url" in Tomcat 5.0.28

 

 

 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org