tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luke McMahon <mcmahonl...@hotmail.com>
Subject RE: Problem with form based JSP authentication using Firefox with Tomcat
Date Wed, 05 Sep 2007 02:47:12 GMT

Thanks p (hope this is formatted better!)

I tried this without success. I've attached the livehttpheader output below. What seems to
happen in Firefox is the first time I go to the login page, it passes the jsessionid to j_security_check.

If I then invalidate the session, and go to log in again, it calls j_security_check without
this identifier. This might be why I'm not getting redirected to the member page, but I'm
not sure of that.
Like I said, this works fine in IE, but firefox still seems to either be losing its bundle
after the session is invalidated or incorrectly caching the login page as the member page
I'm trying to access.

I've just cut and pasted the differences between the headers of the successful login, and
the unsuccessful login (ie. no redirect).

Success:
---------------------------------
http://localhost:8080/members/

GET /members/ HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://localhost:8080/index.htm

Failure:
------------------------------------
http://localhost:8080/members/

GET /members/ HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://localhost:8080/index.htm
Cookie: JSESSIONID=533286C2B979BBF186A7D69AAAE33746                
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message