Using: Linux main 3.2.0-32 Tomcat 7.0.32 Java version "1.7.0_09" (working through Eclipse Juno)
I've been assigned what should have been a pretty simple task, a jnlp launcher following a login to the web server. I've implemented what seemed to me to be the simplest solution - form based login going through j_security_check, after which I pass the jsessionid through a .jnlp built on the fly. This would pass the session to the Java Web Start and let me pass it as well to me application. I was planning on having the application perform the login manually if it isn't given a working session on startup. I'm not having a lot of luck. I believe that I have the user login bit setup correct as I see the failed login when I enter the incorrect login. When I enter a working name/password pair I get a 408 - timeout. That goes away if I change web.xml: <session-config> <session-timeout>30</session-timeout> <tracking-mode>URL</tracking-mode> </session-config> to the cookie form: <session-config> <session-timeout>30</session-timeout> <tracking-mode>COOKIE</tracking-mode> </session-config> After that everything works as expected, so it appears that the 408 is related to the URL tracking. I've tried this with the internal browser in Eclipse as well as Firefox and get the same problem. I'm guessing the j_security_check isn't redirecting with a rewritten URL and instead returns a timeout on a successful login. If this is a known behaviour I have not been able to find anything after spending a lot of time in google (more people seem to be trying to get rid of the url rewrite), but since this is a new environment I may not have a grip of the appropriate tags to be searching. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org