tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: Form based logon problems in T4B6
Date Wed, 25 Jul 2001 00:14:13 GMT
Kevin,

As I was fixing Bugzilla #2768 (form based login was losing the query
string when redirecting back to the original page), I tried out your
scenario using the examples app included with Tomcat:

  http://localhost:8080/examples/jsp/security/protected/index.jsp

and it seemed to work correctly.  I'd be very interested in a test case
that fails on tonight's nightly build (20010725).

Craig


On Tue, 24 Jul 2001, Kevin Jones wrote:

> I can't get form based logon to work reliably in Beta6 (in fact I've had
> problems for a while)
> 
> I have a webapp (called course) and a sub directory (gjava) which is
> protected. I'm using form based logon with the username and password in
> tomcat-users.xml.
> 
> i) If I try and access a resource in \course\gjava I get the logon page, if
> I enter a valid username and password everything works.
> 
> ii) If I try and access a resource in \course\gjava I get the logon page, if
> I enter an invalid username and password I get the logon page again - *not*
> the error page.
> 
> iii) If I try and access a resource in \course\gjava I get the logon page,
> if I enter a valid username and password everything works. But if I hit the
> back button and then enter an invalid username/password I get redirected
> here http://localhost/course/gjava/j_security_check and get a 404 error
> 
> iv) If I try and access a resource in \course\gjava I get the logon page, if
> I enter an invalid username and password I get the logon page again - *not*
> the error page. If I now enter the correct password I get the error page,
> 
> Kevin Jones
> DevelopMentor
> www.develop.com
> 
> 


Mime
View raw message