I'm working on a small Projekt which needs a form based login page. Using a j_security_check form works fine.
I also have the problem, that a user must not come back to the login page for a second login. If she does -> j_security_check will fail with a 404 error page. (I know why). Does anybody know a working solution? On my way to find a correct solution, I've read the Sun Servlet Spec ' SRV.12.5.3 Form Based Authentication', and now I think the tomcat way is probably not correct. Instead of redirecting the browser to a Login-Form, tomcat should include/forward the LoginForm. If now some user comes back to the login screen and makes an additional login, j_security_check can get the destination address from the referring page. Any other ideas ??? -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
