Thank you, Christopher!
On Thu, Jun 11, 2015 at 4:34 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Leonid,
>
> On 6/11/15 4:18 AM, Leonid Rozenblyum wrote:
>> Hello. Just to double-check. By writing own login-handler, do you
>> mean, overriding FormAuthent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Leonid,
On 6/11/15 4:18 AM, Leonid Rozenblyum wrote:
> Hello. Just to double-check. By writing own login-handler, do you
> mean, overriding FormAuthenticator.authenticate() (looks risky
> since it's a big method which can change from one to another
Hello.
Just to double-check.
By writing own login-handler, do you mean, overriding
FormAuthenticator.authenticate() (looks risky since it's a big method
which can change from one to another Tomcat version)?
Or are there more painless ways to inject such custom login handler?
On Thu, May 28, 2015
On Fri, May 29, 2015 at 9:47 AM, André Warnier wrote:
> 20-odd
Well the development team uses Tomcat via Eclipse and after changing
some code they do Tomcat restart because more often than not, hot
redeploy doesn't give good results.
That's why Tomcat restart is a RATHER often event during the
de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 5/29/15 2:47 AM, André Warnier wrote:
> Leonid Rozenblyum wrote:
>> Hello, Christopher! I indeed meant this "The Tomcat restart
>> between showing and submitting the login page is the source of
>> the problem."
>>
>> Your explanation clar
Leonid Rozenblyum wrote:
Hello, Christopher!
I indeed meant this "The Tomcat restart between showing and submitting
the login page is the source of the problem."
Your explanation clarifies the core of the issue well!
I'll dig into the Tomcat documentation deeper to find out how to
inject that c
Hello, Christopher!
I indeed meant this "The Tomcat restart between showing and submitting
the login page is the source of the problem."
Your explanation clarifies the core of the issue well!
I'll dig into the Tomcat documentation deeper to find out how to
inject that custom login handler.
Thank
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 5/28/15 5:29 AM, Mark Thomas wrote:
> On 28/05/2015 10:22, Leonid Rozenblyum wrote:
>> Hello experts.
>>
>> We are using FormAuthenticator and face a following issue:
>>
>> 1) Session persistence is disabled 2) User is on login page 3)
>>
The reason is :
After Tomcat restart, and logging-in browser provides an old session
id to server.
FormAuthenticator treats it as an issue, and either sends error or landing page.
On Thu, May 28, 2015 at 12:30 PM, Leonid Rozenblyum
wrote:
> Well the issue is that if user enters CORRECT credentia
Well the issue is that if user enters CORRECT credentials AFTER Tomcat restart
he sees Error 400/408
On Thu, May 28, 2015 at 12:29 PM, Mark Thomas wrote:
> On 28/05/2015 10:22, Leonid Rozenblyum wrote:
>> Hello experts.
>>
>> We are using FormAuthenticator and face a following issue:
>>
>> 1) Ses
On 28/05/2015 10:22, Leonid Rozenblyum wrote:
> Hello experts.
>
> We are using FormAuthenticator and face a following issue:
>
> 1) Session persistence is disabled
> 2) User is on login page
> 3) Restart Tomcat
> 4) User tries authentication
>
> He receives error 400 or 408.
>
> While digging
Hello experts.
We are using FormAuthenticator and face a following issue:
1) Session persistence is disabled
2) User is on login page
3) Restart Tomcat
4) User tries authentication
He receives error 400 or 408.
While digging deeper we discovered that in this case Tomcat validates
session id and
12 matches
Mail list logo
