_________________________________ I'm wondering if there are any developers who have seen this bug...
Under Tcat 4.x on a form-based login site with jdbcrealms, if you have a user which doesn't have per-session cookies enabled (so that he/she is using url session tracking) Tomcat has this strange behavior where it sends the user to the j_security_check page three times before letting them in I submitted the bug as: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6281 Have any active developers seen this problem? The problem does not occur when I switch to memory-based realms, so it appears to be a jdbcrealm specific issue. If anyone has any ideas on things I should look for in the jdbcrealm implementation, I would appreciate any hints on trying to fix this. Thanks, Cameron Elliott