Hi All,
I'm using Tomcat 4.1.12/JDK1.4.0_01/Struts
I have multiple webapps where one of the webapps is the main entry point for
the other webapps (contains menu, etc...).
I use security constraints and form-based login to control access to the
applications with SingleSignOn.
Customers requirement is: after logging of, they want to return to the login
page, so that a new user can immidiately login to the application. The
application is running on a PocketPC 2002 handterminal with Pocket IE.
Problem: the time between the last action (logout) and the new action
(login) might be longer than the session timeout. In that case, the url
originally requested is not available in the users session anymore, causing
a 400-error:incorrect direct reference to form login page.
I checked the FormAuthenticator class, and the behaviour is correct from
that point of view (savedRequestURL(Session session) returns null).
Is there a solution which lets the user be on the loginpage, while keeping
the target url somewhere hidden (in a form-field in the login-page?), which
is the alternative if no url is found in the session?
Or maybe something else?
Your input is highly appreciated!
Regards,
Klaas
_________________________________________________________________
MSN 8 with e-mail virus protection service: 3 months FREE*.
http://join.msn.com/?page=features/virus&xAPID=42&PS=47575&PI=7324&DI=7474&SU=
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_eliminateviruses_3mf
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>