tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregor Schneider <rc4...@googlemail.com>
Subject Re: Request not forwarded to login page with security-constraint after session time-out
Date Thu, 26 Feb 2009 14:59:13 GMT
Marcel,

On Thu, Feb 26, 2009 at 12:16 AM, Marcel Stör <marcel@frightanic.com> wrote:
>
> [Problem]
> Upon session time-out the request is not forwarded to the login page (form
> based auth). Nothing happens on the UI. However, forwarding to the login
> page does work during the initially login into the application.
>

Not sure if I get you right:

Do you expect an *automatic* forwarding to the login-page?

Or are your requesting a protected url *after* session has timed out?

If the latter:

In the Tomcat-access-logs, do you seen any HTTP 40x?

Gregor

PS.:

This looks a bit awkward to me (didn't know that this is possible),
but I guess that's not the reason for your problem:

>    <role-name>*</role-name>

PPS: Compliments for the excellent problem-decription!

Gregor
-- 
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message