> -Original Message-
> From: Terry Horner [mailto:t.hor...@dancerace.com]
> Sent: Friday, April 09, 2010 5:08 PM
> To: users@tomcat.apache.org
> Subject: RE: Tomcat 6.0.24 requires me to log on twice
> > -Original Message-
> > From: Chr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/12/2010 11:23 AM, Terry Horner wrote:
> org.apache.catalina.valves.ExtendedAccessLogValve the definition is within
> the host, not the context.
> The log pattern string is now
> "c-dns x-H(remoteUser) date time x-H(protocol) cs-method c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/12/2010 11:38 AM, Terry Horner wrote:
> The webapp is one of two in a single sign-on environment, and listens
> on /. The other webapp is a simple one used to provide a client with
> a customised login page (they go to /clientname/intro.ht
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Monday, April 12, 2010 2:40 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Monday, April 12, 2010 2:48 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> Terry
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/12/2010 9:23 AM, Terry Horner wrote:
> Looking at old logfiles from slightly older tomcat 6.0 versions this seems to
> be normal - this request in the last step in the request data page->get sent
> to logon page->send username and passwo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/12/2010 8:05 AM, Terry Horner wrote:
> That would be illogical, but it's not what I'm doing - in our system (and in
> the hypothetical example) the restricted images are inside a restricted page.
> The bookmarks are to a restricted page,
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Friday, April 09, 2010 5:55 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> Terry
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Terry,
>
> On 4/9/2010 12:14 PM, Terry Horner wrote:
> > The problem seems to occur if there are any restricted resources
> > within a page - it doesn't seems too outlandish for someone to
> > restrict access to their images folder (say, it ha
No, the logon page is very simple, without the navigation bar, so it doesn't
link that page
> -Original Message-
> From: Pid * [mailto:p...@pidster.com]
> Sent: Friday, April 09, 2010 5:53 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/9/2010 12:08 PM, Terry Horner wrote:
> That was a javascript error in the onsubmit in the logon form (the
> onSubmit called a function to disable the button which both submitted
> the form an returned true. d'oh), now fixed.
That's what I
Terry, does your login page reference the same script URL as the secured
pages, by any chance?
p
On 9 April 2010 17:39, Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Terry,
>
> On 4/9/2010 12:14 PM, Terry Horner wrote:
> > The problem seems to occur if there a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/9/2010 12:14 PM, Terry Horner wrote:
> The problem seems to occur if there are any restricted resources
> within a page - it doesn't seems too outlandish for someone to
> restrict access to their images folder (say, it has client logos in
> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org]
> Sent: Friday, April 09, 2010 8:06 AM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> On 08/04/2010 23:34, Christopher Schultz wrote:
> >> This happens on To
Hi, thanks for the analysis
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Thursday, April 08, 2010 11:35 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> -BEGIN PGP SIGNED MESSAGE
On 08/04/2010 23:34, Christopher Schultz wrote:
This happens on Tomcat 6.0.24 and 6.0.26, but not 6.0.20, which makes me
think it is related to change 45255 (Provide protection against session
fixation by changing session ID automatically on authentication.), in
the dev environment tomcat is runn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Terry,
On 4/8/2010 9:12 AM, Terry Horner wrote:
> I am having a problem with Tomcat - if I log on to a page which contains
> a restricted resource, it shows me the page (and any unrestricted
> images, etc), but doesn't show the restricted resource (I
Hi,
I am having a problem with Tomcat - if I log on to a page which contains a
restricted resource, it shows me the page (and any unrestricted images, etc),
but doesn't show the restricted resource (I believe tomcat thinks the user is
not authenticated as sends the 403 page, judging by the 3478
18 matches
Mail list logo