tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Asare Samuel <s_as...@yahoo.co.uk>
Subject Re: Realms
Date Sat, 25 Nov 2006 15:21:09 GMT
olivier nouguier,
   
  Thank you so much, a great help!
   
  sam

olivier nouguier <olivier.nouguier@gmail.com> wrote:
  On 11/25/06, Asare Samuel wrote:
>
> Thank you for your speedly reply. Let me get this straight are you saying
> you can't access the login page directly and that the only thing that should
> be accessed directly is the item (ie page)your are protecting.


Yes definitively, when using FORM scheme !

If so, you have hit the nail on the head. I am currently allowing the user
> to access the login page first, and then the system passes users to the
> secured page. This is wrong according to your mail???


Yap, all you have to is to point on a secured resource, the user will be
redirected (internaly aka forward (tomcat > 5)) to the login page!

sam
>
>
> olivier nouguier wrote:
> hi,
> You are using the FORM authentication scheme!
> This scheme imply that:
> 1: a secured resource is accessed.
> 2: login (error-page) is given
> 3: login occures
> 4: secured resource (1) is given (with a GET !)
>
> 408 error code may occurs if:
> a - login page is access directly ( starting at stage 2).
> b - session expired between stage 2 and 3.
>
> To avoid (a) you should set error-page hidden ( eg /WEB-INF/jsp/login.jsp)
> if tomcat > 5
> The treat (b) you should have a custom 408 error page
>
> HIH
>
> On 11/24/06, Asare Samuel wrote:
> >
> > I have put a realm on a page on one of my Html pages using the FORM
> based
> > realm. 1-sometimes i get this message: message HTTP Status 408 -
> > The time allowed for the login process has been exceeded. If you wish to
> > continue you must either click back twice and re-click the link you
> > requested or close and re-open your browser description The client did
> > not produce a request within the time that the server was prepared to
> wait
> > (The time allowed for the login process has been exceeded. If you wish
> to
> > continue you must either click back twice and re-click the link you
> > requested or close and re-open your browser). 2-If I have already
> > loged-in and I login again, i get the following:
> >
> > HTTP Status 404 - /LeeOasis/html/j_security_check
> >
> > type Status report
> > message /LeeOasis/html/j_security_check
> > description The requested resource (/LeeOasis/html/j_security_check) is
> > not available.
> >
> > Please help
> >
> >
> > ---------------------------------
> > Try the all-new Yahoo! Mail . "The New Version is radically easier to
> use"
> > – The Wall Street Journal
> >
>
>
>
> --
> "Souviens-toi qu'au moment de ta naissance tout le monde était dans la
> joie
> et toi dans les pleurs.
> Vis de manière qu'au moment de ta mort, tout le monde soit dans les pleurs
> et toi dans la joie."
>
>
> Send instant messages to your online friends http://uk.messenger.yahoo.com
>



-- 
"Souviens-toi qu'au moment de ta naissance tout le monde était dans la joie
et toi dans les pleurs.
Vis de manière qu'au moment de ta mort, tout le monde soit dans les pleurs
et toi dans la joie."


 Send instant messages to your online friends http://uk.messenger.yahoo.com 
Mime
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message