I guess this was a bug in 5.0.28 according to the servlet spec
(SRV.8.4). If anyone else runs into this issue, the solution is pretty
easy:
String origRequestUrl =
request.getAttribute("javax.servlet.forward.request_uri")
-----Original Message-----
From: Aaron Loucks [mailto:[EMAIL PROTECTED]
Sent: Friday, October 28, 2005 12:39 PM
To: [email protected]
Subject: login config bug? request.getRequestURL() returns
form-login-page in Tomcat 5.5.12
request.getRequestURL() is returning the uri of the <form-login-page>
element instead of the original request url in 5.5.12. Is this a bug or
was this intended to be this way? If this is supposed to return the
form-login-page, how do I get the original request URL? Tomcat 5.0.x did
not behave this way -- getRequestURL() returned the original request.
For example:
web.xml:
...
<security-constraint>
<web-resource-collection>
<web-resource-name>protected</web-resource-name>
<url-pattern>/some_protected_url</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/WEB-INF/login.jsp</form-login-page>
</form-login-config>
</login-config>
...
-----------------
Request to: http://localhost:8080/some_protected_url
------------------
login.jsp:
...
System.out.println(request.getRequestURL()) // prints
"/WEB-INF/login.jsp" in Tomcat 5.5.12
...
System.out.println(request.getRequestURL()) // prints
"/some_protected_url" in Tomcat 5.0.28
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
