Hi;
Thank you Laurie.
It works if I take out the saveToken / isTokenValid
stuff? The login process works correctly and it comes to my action class.
But I won't be able to control duplicate submission.
Anet.
--- On Tue, 6/3/08, Laurie Harper <[EMAIL PROTECTED]> wrote:
From: Laurie Harper <[EMAIL PROTECTED]>
Subject: Re: login problem
To: user@struts.apache.org
Date: Tuesday, June 3, 2008, 12:16 PM
Anet wrote:
> Hi
> I have a problem with "security-constraint" in tomcat 5.5. I use
struts 1.2.
> when we used tomcat 4.1.29, there were no problem with pages needed login.
> with tomcat 5.5.17, I had to put role-names into my web.xml file to solve
login problem.
> But now I have another problem.
> I have a form... needs login to be accessed.
> the user logins successfully.the form is shown to him.
> (in the code, saveToken() called )
> now he fills the form,but leaves his work,=&gt;his session expired...
> the user comes back.puts the submit button and redirects to login page.
> he logins...and the process of submit should be done.
> (in the code, isTokenValid(Request) called and returns false....)
> it is expected to continue the process...
> I didn't have this problem while using tomcat 4.1 .
> Would you mind help me for it? I have no idea...
If I understand you correctly, you are using container managed security
and seeing an inconsistency in behaviour between Tomcat 4.1.29 and
5.5.17. Struts is not involved in CMS processing in any way, so I would
suspect a Tomcat and/or configuration problem.
Does it work as you expect if you take out the saveToken / isTokenValid
stuff? If that fixes the problem, there may be Struts-related issue
here. Otherwise, you should probably pursue this on the Tomcat forums.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
