tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Smith <d...@cornell.edu>
Subject Re: j_security_check redirect after login
Date Thu, 08 Nov 2007 18:02:53 GMT
You never directly call j_security_check.  Here's how the process flow 
works:

1. browser attempts to load a protected page
2. tomcat saves the request and redirects the client to j_security_check 
for authentication
3. on successful authentication, tomcat restores the original request.

So basically it "knows" where because it remembers the protected 
resource requested just before authentication.  This process is defined 
in the servlet spec as pointed out by Chuck Caldarale.

--David

Andrew R Feller wrote:

>How does j_security_check know where to redirect users to after they
>have logged in?  I have searched for any documentation related to how
>j_security_check works but to no avail nor am I able to find out where
>in the Tomcat source code j_security_check is declared or invoked.
>
> 
>
>Thanks,
>
> 
>
>Andrew R Feller, Analyst
>
>Subversion Administrator
>
>University Information Systems
>
>Louisiana State University
>
>afelle1@lsu.edu
>
>(office) 225.578.3737
>
> 
>
>
>  
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message