RE: j_security_check problem with 2nd login

Wed, 24 Apr 2002 07:20:49 -0700 

Hi, 

> If now some user comes back to the login screen and makes an additional
> login, j_security_check can get the destination address from the referring
page.

AFAIK, TOMCAT doesn't take destination page from referrer. TC takes it from
session, where is
stored first page that needed authentication which user tried to open not
being authenticated. :)
You can check it - look what attributes are stored in session after trying
to open protected page, but before 
submitting login form.

        -Jan

-----Original Message-----
From: Mario Rodler [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 9:34 AM
To: [EMAIL PROTECTED]
Subject: j_security_check problem with 2nd login


I'm working on a small Projekt which needs a form based login page. Using a
j_security_check form works fine.

I also have the problem, that a user must not come back to the login page
for a second login. If she does -> j_security_check will fail with a 404
error
page. (I know why).

Does anybody know a working solution?

On my way to find a correct solution, I've read the Sun Servlet Spec '
SRV.12.5.3 Form Based Authentication', and now I think the tomcat way  is
probably
not correct.

Instead of redirecting the browser to a Login-Form, tomcat should
include/forward the LoginForm. 

If now some user comes back to the login screen and makes an additional
login, j_security_check can get the destination address from the referring
page.

Any other ideas ???

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net


--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

---
Poíchozí zpráva neobsahuje viry.
Zkontrolováno antivirovým systémem AVG (http://www.grisoft.cz).
Verze: 6.0.351 / Virová báze: 197 - datum vydání: 19.4. 2002
 

---
Odchozí zpráva neobsahuje viry.
Zkontrolováno antivirovým systémem AVG (http://www.grisoft.cz).
Verze: 6.0.351 / Virová báze: 197 - datum vydání: 19.4. 2002
 

--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

Reply via email to