tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: j_security_check redirect after login
Date Thu, 08 Nov 2007 21:05:31 GMT
> From: Andrew R Feller [mailto:afelle1@lsu.edu] 
> Subject: RE: j_security_check redirect after login
> 
> I'm sorry but maybe I am reading a different version of the servlet
> specification than you: it only explains the case where you access a
> container-managed resource and then login.

Form-based login is still container-managed, so the description in the
servlet spec still applies.

> The question I had was what happens when you directly request 
> the login form and successfully login.

That certainly wasn't clear from your original question - there was no
mention of accessing the login form directly.

In any event, the Tomcat 5.5 admin app uses form-based login, so it's a
convenient tool to experiment with.  Attempting to access the form
directly (/admin/login.jsp) results in the form being displayed
properly, but when it's submitted, a 404 is returned with the
description "The requested resource (/admin/j_security_check) is not
available."  This makes sense, since Tomcat didn't do a save of the the
original request and generate an internal one for the login page, so it
doesn't know that login processing is going on.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message