tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: j_security_check requires session
Date Wed, 24 Sep 2008 15:29:59 GMT wrote:
> I am having a problem posting credentials to j_security_check for
> form-based authentication.
> It seems that tomcat expects that I already have a session established
> before posting the username and password.  If I don't already have a
> JSESSIONID cookie, j_security_check returns a 408.  Unfortunately, I
> have another application attempting to talk to this one that requires
> that the first thing it does is post credentials to the
> j_security_check, so I have no mechanism of hitting another page first
> to establish a session.
> This mechanism worked fine with BEA Weblogic, but it seems that tomcat's
> handling of j_security_check is different.  Does anyone know of any
> options to modify the behavior of j_security_check so that it would just
> do the authentication and establish the session in one shot at the time
> of the POST request?

Sorry, no. That isn't the way the spec is written.

However, should do exactly what you


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message