uot;JULIEN,TIMOTHY (HP-NewJersey,ex2)" <[EMAIL PROTECTED]>
Subject: RE: FORM-based login questions
Message-ID: <[EMAIL PROTECTED]>
1. You are right that the spec doesn't say what to do when a login form is
accessed directly. This is why Tomcat doesn't know what to do. Tw
1. You are right that the spec doesn't say what to do when a login form is
accessed directly. This is why Tomcat doesn't know what to do. Two things:
a) don't let users access login form directly. Not sure what happens in
Tomcat if you protect the login form. At least you can remove all links
