tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob Hunt" <robert-h...@comcast.net>
Subject [TC 5.0.25] Posting directly to j_security_check
Date Thu, 15 Nov 2007 16:16:43 GMT
I have a form on a page that posts directly to j_security_check:
 
http://www.site.com/index.htm
    <form method="post" action="https://secure.site.com/j_security_check">
        <input type="text" name="j_username" />
        <input type="password" name="j_password" />
    </form>
 
 
When the POST request is received by secure.site.com, it kicks back a 408
response code and this message:
"The time allowed for the login process has been exceeded. If you wish to
continue you must either click back twice and re-click the link you
requested or close and re-open your browser"
 
Now I know it's choking because no session has been established.  But why
doesn't j_security_check authenticate first and then attempt to set
session/cookies?  Does anyone have a FORM based login workaround for this?
 
 
 
Second question, what source module implements j_security_check?

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message