tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albretch Mueller" <>
Subject Security Realms and form-login-page
Date Sun, 20 Jan 2008 03:14:33 GMT
 On page 120 of the servlet spec., it is stated referring to the
<form-login-page> element in the <security-constraint> section of an
application's web.xml:
 The form-login-page element defines the location in the web app where
the page that can be used for login can be found. The path begins with
a leading / and is interpreted relative to the root of the WAR.
 How could you then specify a different (virtual) host accepting only
https connections, that would authenticate the user and then somehow
communicate to the particular webapp Sec Realm so the user is
 I think the supposed login page could redirect to that host's login
page, but how could that virtual host redirect back to the regular
 How do some sites out there implement something similar to this?

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message