Return-Path: 
 <users-return-160719-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org>
Delivered-To: apmail-tomcat-users-archive@www.apache.org
Received: (qmail 61838 invoked from network); 4 Apr 2007 07:42:26 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 4 Apr 2007 07:42:26 -0000
Received: (qmail 43472 invoked by uid 500); 4 Apr 2007 07:42:20 -0000
Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org
Received: (qmail 43453 invoked by uid 500); 4 Apr 2007 07:42:20 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 43442 invoked by uid 99); 4 Apr 2007 07:42:19 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2007 00:42:19 -0700
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (herse.apache.org: domain of kenneth.westelinck@gmail.com
 designates 209.85.132.248 as permitted sender)
Received: from [209.85.132.248] (HELO an-out-0708.google.com) (209.85.132.248)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2007 00:42:11 -0700
Received: by an-out-0708.google.com with SMTP id d31so146948and
        for <users@tomcat.apache.org>; Wed, 04 Apr 2007 00:41:50 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=flMnxE3KIB1L1sb3bNDG6Iwb3L1IPRoU3ZVxpvzd089SsAnrzbatrvo58DPVTYFv7Y7OWO669bGPfOfHKDmXNINyl67kqG9yU0H3TYoblTDtEQ/bLSrhEVRLw7Hy7fB9mYHigNYrttW5NXLEE/jk5ejTyN5rn5GJEwnyjKb1OsQ=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=Qh/SWa/NFo5X0mxzY83ww4AhbP3LV7cvvJKIsd2fPC9y3Vw4QMQ0BDQBNSpgfpuuuFi0T/T2aaS80hEKJBU8tSbXTbBsjKFU5hdbDIpvJraqdOEiY9M7VadXhWOSh7CWclmzkMfbx/5yvviSRuAHDSuJl+WUP+6NEcSEIFc9PYw=
Received: by 10.100.133.9 with SMTP id g9mr236487and.1175672510541;
        Wed, 04 Apr 2007 00:41:50 -0700 (PDT)
Received: by 10.100.239.6 with HTTP; Wed, 4 Apr 2007 00:41:50 -0700 (PDT)
Message-ID: <7239d1e30704040041l6fb067abmc5b58a1ed5e29864@mail.gmail.com>
Date: Wed, 4 Apr 2007 09:41:50 +0200
From: "Kenneth Westelinck" <kenneth.westelinck@gmail.com>
To: "Tomcat Users List" <users@tomcat.apache.org>
Subject: Re: Need help with authentication
In-Reply-To: <46123DAD.7040208@apache.org>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_31921_8733218.1175672510486"
References: <7239d1e30703300220q7a00d002h6d145de312b7e545@mail.gmail.com>
	 <460CF288.6040406@oma.be>
	 <7239d1e30703300619x231895ddx2a09115bf117456c@mail.gmail.com>
	 <7239d1e30703300638g7619a369v3f4eb50884c29589@mail.gmail.com>
	 <7239d1e30704030107n1a1703abrc15e263c3da0d73b@mail.gmail.com>
	 <46123DAD.7040208@apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

------=_Part_31921_8733218.1175672510486
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Ok, here is some headers I found with "fiddler":
>From firefox:

- Request 1:
GET /eai-admin/ HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3)
Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307
If-Modified-Since: Fri, 23 Feb 2007 15:40:10 GMT
If-None-Match: W/"1827-1172245210656"
- Reply 1:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 602
Date: Wed, 04 Apr 2007 07:27:13 GMT

<html>
<head>
<title>Login Page for Examples</title>
<body bgcolor="white">
<form method="POST" action='j_security_check' >
  <table border="0" cellspacing="5">
    <tr>
      <th align="right">Username:</th>
      <td align="left"><input type="text" name="j_username"></td>
    </tr>
    <tr>
      <th align="right">Password:</th>
      <td align="left"><input type="password" name="j_password"></td>
    </tr>
    <tr>
      <td align="right"><input type="submit" value="Log In"></td>
      <td align="left"><input type="reset"></td>
    </tr>
  </table>
</form>
</body>
</html>
Reply 1 is normal, this is my login page.

- Then I submit the login, Request 2:
POST /eai-admin/j_security_check HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3)
Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://localhost:8080/eai-admin/
Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307
Content-Type: application/x-www-form-urlencoded
Content-Length: 30

j_username=tim&j_password=test
- Reply 2
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: http://localhost:8080/eai-admin/
Content-Length: 0
Date: Wed, 04 Apr 2007 07:27:17 GMT

- So I get redirected:
GET /eai-admin/ HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3)
Gecko/20070309 Firefox/2.0.0.3
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://localhost:8080/eai-admin/
Cookie: JSESSIONID=8BE2C3B8AD18A29D2229F467A9391307
- Reply 3:
HTTP/1.1 304 Not Modified
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Date: Wed, 04 Apr 2007 07:27:17 GMT

For IE I can see the following:
- Request 1:
GET /eai-admin/ HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: nl-be
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
2.0.50727; .NET CLR 1.1.4322)
Host: localhost:8080
Proxy-Connection: Keep-Alive
- Reply 1:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Set-Cookie: JSESSIONID=619A92CCA43BBE0FB205AA7455360214; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 646
Date: Wed, 04 Apr 2007 07:30:35 GMT

<html>
<head>
<title>Login Page for Examples</title>
<body bgcolor="white">
<form method="POST"
action='j_security_check;jsessionid=619A92CCA43BBE0FB205AA7455360214' >
  <table border="0" cellspacing="5">
    <tr>
      <th align="right">Username:</th>
      <td align="left"><input type="text" name="j_username"></td>
    </tr>
    <tr>
      <th align="right">Password:</th>
      <td align="left"><input type="password" name="j_password"></td>
    </tr>
    <tr>
      <td align="right"><input type="submit" value="Log In"></td>
      <td align="left"><input type="reset"></td>
    </tr>
  </table>
</form>
</body>
</html>

- Request 2:
POST /eai-admin/j_security_check;jsessionid=619A92CCA43BBE0FB205AA7455360214
HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:8080/eai-admin/
Accept-Language: nl-be
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
2.0.50727; .NET CLR 1.1.4322)
Host: localhost:8080
Content-Length: 30
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: JSESSIONID=619A92CCA43BBE0FB205AA7455360214

j_username=tim&j_password=test
- Reply 2:
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: http://localhost:8080/eai-admin/
Content-Length: 0
Date: Wed, 04 Apr 2007 07:30:39 GMT

- Request 3:
GET /eai-admin/ HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:8080/eai-admin/
Accept-Language: nl-be
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
2.0.50727; .NET CLR 1.1.4322)
Host: localhost:8080
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: JSESSIONID=619A92CCA43BBE0FB205AA7455360214
- Reply 3:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
ETag: W/"1827-1172245210656"
Last-Modified: Fri, 23 Feb 2007 15:40:10 GMT
Content-Type: text/html
Content-Length: 1827
Date: Wed, 04 Apr 2007 07:30:39 GMT

<html>
<head>
... rest of the html page.

So when using IE, I get redirected correctly and the page is returned in
Reply 3. In firefox, nothing is returned in Reply 3.

------=_Part_31921_8733218.1175672510486--