On 04/06/2010 01:19, Martin Gainty wrote:
>=20
> the reference is to URLEncoder class
>=20
> URLEncoder Utility class is used for HTML form encoding. This class con=
tains static methods for converting a String to the application/x-www-for=
m-urlencoded MIME format
>=20
> javadoc for encode methods of the URLEncoder are illustrated at
>=20
> http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
Not it's not, it's a reference to "response.encodeRedirectURL(path)"
Instead of continuing to talk about this in the abstract, how about you
post some details of your configuration and the code you're using to logo=
ut?
Where is the login form, what URL is it?
Which URL are you redirecting to after logout, and how are you doing that=
?
etc
p
> ______________________________________________=20
> Verzicht und Vertraulichkeitanmerkung
>=20
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empf=
aenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte We=
iterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht d=
ient lediglich dem Austausch von Informationen und entfaltet keine rechtl=
iche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails=
koennen wir keine Haftung fuer den Inhalt uebernehmen.
>=20
> =20
>=20
>> Date: Fri, 4 Jun 2010 00:34:36 +0300
>> Subject: Re: HTTP Status 400 - Invalid direct reference to form login =
page!
>> From: george.pucea@gmail.com
>> To: users@tomcat.apache.org
>>
>> Hello Cris,
>>
>> *After you call session.invalidation(), what does your code do,
>> specifically? If you do a "forward" to a protected resource, strange
>> things may happen with cookie-passing.*
>>
>> After the session get's invalidate(on the server side) my code send ba=
ck a
>> request success to the UI and then the Ui redirect's my app to the pro=
tected
>> resource.
>>
>> *Does your login form properly encode the session id into it's <form>
>> action? Does your logout code properly encode the session id into the
>> redirect URL? Have you enabled/disabled cookies in your web browser?*
>>
>> My cookies are enabled. But I don't know exactly if the login/logout c=
ode
>> form properly encode the session id into it's <form>(how can I test th=
at?)
>>
>>
>>
>> Thank you very much!!!!
>>
>>
>>
>> On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
>> chris@christopherschultz.net> wrote:
>>
> Gheorghe,
>=20
> On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
>>>>> By "when I get back to the login page" I mean that I log out from m=
y app
> and
>>>>> then I redirect my app to a restricted resource and when my login p=
age
>>>>> appears I type my User/pass and the error occurs.
>>>>>
>>>>> I want to add something, when I log out and after I redirect my app=
to a
>>>>> protected resource the login page show's up if I hit the refresh bu=
tton
> on
>>>>> my browser and I type in my user/pass it works.
>=20
> After you call session.invalidation(), what does your code do,
> specifically? If you do a "forward" to a protected resource, strange
> things may happen with cookie-passing.
>=20
> Does your login form properly encode the session id into it's <form>
> action? Does your logout code properly encode the session id into the
> redirect URL? Have you enabled/disabled cookies in your web browser?
>=20
> -chris
>>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars wi=
th Hotmail.=20
> http://www.windowslive.com/campaign/thenewbusy?tile=3Dmulticalendar&oci=
d=3DPID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
|