That looks like a bug on first glance. Please submit it to the SecurityFilter project bug list on Sourceforge so that we can track it: http://sourceforge.net/tracker/?group_id=59484&atid=491164
If you aren't using it now, I recommend using the securityfilter-1.0.1 release, rather than an older release or a build from the CVS tree. 1.0.1 is the most stable. Actually, do this before you submit the bug in case it has already been fixed. If you were using a release version already, rather than the CVS tree, it probably hasn't been fixed in 1.0.1. It is possible that it was introduced in CVS when we added some features recently. I will look at it this weekend and possibly have a release to fix it in the same time frame. -Max ----- Original Message ----- From: "Mark Zeltser" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 04, 2003 7:52 AM Subject: SecurityFilter and back button > > Hi, > > I have struts 1.1b3 integrated with SecurityFilter using > CatalinaRealmAdapter. It works except of one case. After successfull > login, clicking back button and trying to login again results in > generating incorrect response path. E.g: > > **************************************************************************** ****************************************************************** > > Response: > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > --------------------------------------------------------------- > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > authType=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > contentLength=-1 > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > contentType=text/plain > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > cookie=JSESSIONID=1958650B877524BABA607A1E4A7A9B1F; domain=null; > path=/confirmw > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=Set-Cookie=JSESSIONID=1958650B877524BABA607A1E4A7A9B1F; > Path=/confirmw > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=Location=http://localhost:8080/confirmwnull > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > message=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > remoteUser=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > status=302 > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > =============================================================== > > > New Request: > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: REQUEST URI > =/confirmwnull > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > authType=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > characterEncoding=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > contentLength=-1 > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > contentType=null > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: contextPath= > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > cookie=JSESSIONID=1958650B877524BABA607A1E4A7A9B1F > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=accept=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, > application/msword, application/vnd.ms-excel, > application/vnd.ms-powerpoint, */* > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=referer=http://localhost:8080/confirmw/jsp/logon.jsp > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=accept-language=en-us > 2003-04-04 10:43:36 RequestDumperValve[Standalone]: > header=accept-encoding=gzip, deflat > **************************************************************************** ****************************************************************** > > Looks like domain's value(null) is appened to path, resulting in > incorrect URI /confirmnull. > > Is this a bug? > > Thanks, > Mark. > > > -- > NOTICE: If received in error, please destroy and notify sender. Sender > does not waive confidentiality or privilege, and use is prohibited. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]