tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gregor Schneider" <rc4...@googlemail.com>
Subject Re: j_security_check-behaviour - looking for workaround
Date Tue, 02 Dec 2008 16:03:48 GMT
Hi Chris,

On Tue, Dec 2, 2008 at 3:51 PM, Christopher Schultz
<chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>> Now if the session times out, the user clicks on the menue, the url
>> requested is the source of the IFrame.
>
> This shouldn't be the case: the URL requested should be the URL of the
> link that was clicked. Am I just interpreting "the source of the iframe"
> incorrectly?
>

maybe my explanation was a bit missleading:

Actually, the linki is called from a JavaScript-menue *sic*.

The link looks like this:

<a href="whlstt911.htm#912" target="some_inner_frame"><img
src="../snbulletopen.gif" border="0" align="absmiddle"> Medizin</a>

As you can see, in this menue there's always the target (the inner
frame) specified.

However, j_security_check takes the original link (in this case:
"whlstt911.htm#912") and open this page. However, this page is not
displayed within the inner frame but as it's very own page, so that
verything "around" the IFrame is lost.

>
> 1. If you follow a link in a frame, your login page needs to be
>   in-frame friendly.
> 2. If you reload the entire page, your login page needs to be
>   out-of-frame friendly.
>

Hm, I got not the slightest idea what you mean by in-frame- /
out-frame-friendly - could you shed some light?

Cheers

Gregor
-- 
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message