tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Tomcat 5.5.23: cannot return to login page??
Date Thu, 06 Sep 2007 21:52:14 GMT
Hash: SHA1


shunhecun wrote:
> My application uses MemoryRealm and FORM-based authentication. 


> In the file tomcat-users.xml, there is an user called "view", which belongs
> to role "users".  The role "users" is not included in web.xml of the
> application. 
> If I try to login the application with the user "view", I get an error:
> "HTTP Status 403 - Access to the requested resource has been denied". I
> cannot go back to the login page. I have to close the brower or restart the
> server to see the login page. 

You don't need to kill the browser /or/ the server. You just need to
kill the user's session.

> Clean the browser's cache is not working. It seems the authentication
> information is cached in the Tomcat server. Any idea?

Tomcat links the authentication information for a user to the session.
Once the session is dead, you can re-login. Override the 403 error page
to include your own text including a link that takes you to the
(unprotected) logout page.

- -chris
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla -


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message