tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcel Stör <mar...@frightanic.com>
Subject Re: Request not forwarded to login page with security-constraint after session time-out
Date Thu, 26 Feb 2009 19:52:46 GMT

On 26.02.2009, at 20:13, Christopher Schultz wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Marcel,
>
> On 2/26/2009 10:21 AM, Marcel Stör wrote:
>> If I request a protected URL (manually clicking
>> link, AJAX request, etc.) *after* the session has timed out I  
>> expect an
>> automatic forwarding to the login page. As I could see while  
>> debugging,
>> the request dispatcher does indeed issue a forward() to the login  
>> page
>> but nothing happens.
>
> Error logs? HTTP dump? Note that Tomcat 5.0 has been unsupported for
> quite a while. I recommend planning an upgrade SOON.

I'll gather some more information...
I know. It's just that Google's GWT setup for local development ships  
with 5.0.28 embedded. We don't use 5.0 in production, don't worry.

>> I'm sure either, I saw it in some tutorial. Since I don't have a role
>> table (right, JDBCRealm complains about that, but whatever...) it
>> basically means that I don't use role based access.
>
> Technically speaking, no roles defined = no access. Practically
> speaking, I don't believe Tomcat forces any roles to be defined when  
> "*"
> is the role-name required by the security-constraint.


No, I only mentioned this because Tomcat throws an SQL exception  
because it tries to query a table called "" if I don't specify a role  
table in the realm config in context.xml

Regards,
Marcel

-- 
Marcel Stör, http://www.frightanic.com
Blog: http://frightanic.wordpress.com
Couchsurfing: http://www.couchsurfing.com/people/marcelstoer
Skype: marcelstoer


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message