Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 84546 invoked from network); 1 May 2007 17:52:22 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 1 May 2007 17:52:22 -0000 Received: (qmail 21747 invoked by uid 500); 1 May 2007 17:52:15 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 21720 invoked by uid 500); 1 May 2007 17:52:15 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 21709 invoked by uid 99); 1 May 2007 17:52:15 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 May 2007 10:52:15 -0700 X-ASF-Spam-Status: No, hits=1.4 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (herse.apache.org: 128.253.83.142 is neither permitted nor denied by domain of dns4@cornell.edu) Received: from [128.253.83.142] (HELO authusersmtp.mail.cornell.edu) (128.253.83.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 May 2007 10:52:07 -0700 Received: from [128.253.38.45] (dns4-laptop-1.ento.cornell.edu [128.253.38.45]) (authenticated bits=0) by authusersmtp.mail.cornell.edu (8.13.1/8.12.10) with ESMTP id l41Hpjsf006567 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 1 May 2007 13:51:45 -0400 (EDT) Message-ID: <46377E33.8070400@cornell.edu> Date: Tue, 01 May 2007 13:51:47 -0400 From: David Smith User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: j_security_check 404 not found References: <623975960705010907q4bd76e76j93ac9152088a6b99@mail.gmail.com> In-Reply-To: <623975960705010907q4bd76e76j93ac9152088a6b99@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org I'm suspecting you either link to /j_security_check or manually forward there from your pages. Pages in your web project shouldn't ever link to it except the login form and even then only in the action attribute of the form tag. Tomcat will take control when it sees a client trying to access a protected resource without a valid session and return the login page. Your code doesn't have to ever do that. --David Joe A wrote: > if i redeploy my webapp and try to access a protected page, it will show > the login > screen but after clicking login it just reloads the login page instead > of sending me to the protected page. if i reload the login page it will > give me access > to the page i wanted. if i fill in user/pass and hit login a 2nd time it > shows: > > HTTP Status 404 - /j_security_check > > type Status report > > message /j_security_check > > description The requested resource (/j_security_check) is not available. > Apache Tomcat/5.5.20 > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org