tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject j_security_check requires session
Date Wed, 24 Sep 2008 15:12:25 GMT
I am having a problem posting credentials to j_security_check for
form-based authentication.
It seems that tomcat expects that I already have a session established
before posting the username and password.  If I don't already have a
JSESSIONID cookie, j_security_check returns a 408.  Unfortunately, I
have another application attempting to talk to this one that requires
that the first thing it does is post credentials to the
j_security_check, so I have no mechanism of hitting another page first
to establish a session.
This mechanism worked fine with BEA Weblogic, but it seems that tomcat's
handling of j_security_check is different.  Does anyone know of any
options to modify the behavior of j_security_check so that it would just
do the authentication and establish the session in one shot at the time
of the POST request?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message