tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From removeps-gro...@yahoo.com
Subject How can the login page see parameters in the original request?
Date Tue, 30 Dec 2008 03:24:01 GMT
How can the login page see parameters in the original request?

In my app, I make a request to https://localhost/mywebservice/action.do.
Because the user is not authenticated, Tomcat redirects them to the login page.  I want the
login page to be able to see the parameters passed in the original request.  Only if certain
secret fields and values are present, do I want to generate the login page.  Otherwise, I
want to send the response code 404.

In FormAuthenticator.java, function saveRequest, they have

        if ("POST".equalsIgnoreCase(request.getMethod())) {
            ByteChunk body = new ByteChunk();
            body.setLimit(request.getConnector().getMaxSavePostSize());

            byte[] buffer = new byte[4096];
            int bytesRead;
            InputStream is = request.getInputStream();
        
            while ( (bytesRead = is.read(buffer) ) >= 0) {
                body.append(buffer, 0, bytesRead);
            }
            saved.setContentType(request.getContentType());
            saved.setBody(body);
        }

Maybe the act of reading the input stream through is.read uses it up, not sure.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message