POST and session-timeout (Extra Information)
Hi All, I have a secured area in with FORM authentication, when I -POST- a Form after the session has timed out and re-login, the information on the Form isn\'t submitted anymore. The parameters are lost. Is there a possibility to have the parameters still in the request? Getting the form isn\'t an option because there is too much information in the request. It also isn\'t possible to post an multipart form. Greetings Ralph Forgot to mention: I use Tomcat 3.2.1 and Jboss 2.2.1
Re: POST and session-timeout (Extra Information)
<[EMAIL PROTECTED]> wrote: > Hi All, > > I have a secured area in with FORM authentication, when I -POST- a Form after > the session has timed out and re-login, the information on the Form isn\'t > submitted anymore. The parameters are lost. Is there a possibility to have the > parameters still in the request? Getting the form isn\'t an option because there > is too much information in the request. It also isn\'t possible to post an > multipart form. > > Greetings Ralph > > Forgot to mention: I use Tomcat 3.2.1 and Jboss 2.2.1 This is more a question for Tomcat, but you are right, the POST data are not stored in Tomcat during the form based login. As far as I know, only the URL is stored (but better have a look into the sources). It is a limitation, but it also protects your server. The submitted data have to be stored in a session and POSTed data can be huge. Storing them could overload your server, even from people, who were not yet authentified. -- gR
Re: POST and session-timeout (Extra Information)
Hi Gregor, Are the post parameters stored if I use basic login? Grtz. ezCompany >>> easy internet solutions <<< www.ezcompany.nl Stationsstraat 39 5038 EC Tilburg T 013 5453408 F 013 5453409 - Original Message - From: "Gregor Rayman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, September 08, 2001 12:19 PM Subject: Re: POST and session-timeout (Extra Information) > <[EMAIL PROTECTED]> wrote: > > > Hi All, > > > > I have a secured area in with FORM authentication, when I -POST- a Form > after > > the session has timed out and re-login, the information on the Form isn\'t > > submitted anymore. The parameters are lost. Is there a possibility to have > the > > parameters still in the request? Getting the form isn\'t an option because > there > > is too much information in the request. It also isn\'t possible to post an > > multipart form. > > > > Greetings Ralph > > > > Forgot to mention: I use Tomcat 3.2.1 and Jboss 2.2.1 > > This is more a question for Tomcat, but you are right, the POST data are not > stored in Tomcat during the form based login. As far as I know, only the URL > is stored (but better have a look into the sources). > > It is a limitation, but it also protects your server. The submitted data > have > to be stored in a session and POSTed data can be huge. Storing them could > overload your server, even from people, who were not yet authentified. > > -- > gR > > >