We can agree that the behavior is spec-compliant, but we cannot agree that
the spec is particuarly smart on that point.
I would like to be able to make a patch, but Im not involved as a
developer.
Thanx
I cannot be the only one ever expirienced this problem.
Any comments, PLEASE...
- Per Steffensen
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
getRequestURI returns j_security_check.
I was thinking the same thought about Tomcat have to store the URI
somewhere. I have run through alle request parameters, request attributes
and session attributes - nothing!
Kind Regards
Per Steffensen
Hi
Im not involeved with Tomcat as a developer. Cant any of you developers
make the patch. Let me know ;-)
Steff
I believe the j_target_url was a proprietary add-on attribute WebLogic
added, not part of the servlet spec, and that there's no equivalent in
tomcat at this time. I could be
Does any know a good workaround.
I was thinking af putting af non-protected JSP in front of my protected
JSP, that just saves the needed info in session scope, before forwarding to
the protected JSP.
It is just not that good an idea, when you have such a complicated
structure of protected JSPs
Hi
Using (JBoss/)Tomcat.
I am using declarative protection to protect some of the pages on my site.
Like this in web.xml:
security-constraint
web-resource-collection
web-resource-nameX users/web-resource-name
descriptionX users/description