-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Folks,
I have resolved the issue: On 7/10/2015 11:27 AM, Mark Eggers wrote: > Now with the shipped examples goodness: > > > On 7/9/2015 10:39 PM, Konstantin Kolinko wrote: >> 2015-07-10 2:35 GMT+03:00 Mark Eggers >> <its_toas...@yahoo.com.invalid>: >>> >>> Folks, >>> >>> I seem to be having a problem trying to use form-based >>> authentication. What worked in 7.0.62 no longer works in 7.0.63. >>> Using 7.0.62 I can successfully authenticate in my toy >>> application and the latest version of Jenkins. Using 7.0.63 I end >>> up on the form error page in my toy application and the latest >>> version of Jenkins. >>> >>> I've not changed any of the configuration files. I run Tomcat >>> using $CATALINA_HOME and $CATALINA_BASE. To upgrade Tomcat, I >>> just install a new version and move some links around. >>> >>> Here is a rundown of my environment: >>> >> [....] > >> How it fails? (Steps, maybe also Access Log output) > >> Quick test with direct access to Tomcat and examples webapp = >> success. >> (http://localhost:8080/examples/jsp/security/protected/index.jsp) > > Architecture where this works: > ------------------------------ > Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.62 -- examples > Browser -- Tomcat 7.0.62 -- examples > Browser -- Tomcat 7.0.63 -- examples > > Architecture where this fails (brings up invalid login page) > ------------------------------------------------------------ > Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- examples > > >> Possible areas to test: 1. httpd / mod_jk : Do you have failure >> with direct access to Tomcat ? > >> 2. cookie / set-cookie headers e.g. see AccessLogValve >> configuration here: >> https://bz.apache.org/bugzilla/show_bug.cgi?id=57872#c0 > >> 3. Realm > >> Best regards, Konstantin Kolinko > > So it does appear to be an issue with the supplied examples as well. I > didn't see anything obviously wrong with my mod-jk configuration > (posted in the first email). > > I'll try to start working through the code changes to see where the > likely culprit is. > > . . . just my puzzled 2 cents > /mde/ It would have helped (and not wasted everyone's time) if I had read the changelog carefully. - From the changelog: fix 57938: Correctly handle empty form fields when a form is submitted as multipart/form-data, the maxPostSize attribute of the Connector has been set to a negative value and the Context has been configured with a value of true for allowCasualMultipartParsing. The meaning of the value zero for the maxPostSize has also been changed to mean a limit of zero rather than no limit to align it with maxSavePostSize and to be more intuitive. (markt) My AJP connector (since I have to support some oddly-written application s): <Connector URIEncoding="UTF-8" connectionTimeout="600000" maxPostSize="0" port="8009" protocol="AJP/1.3" redirectPort="8443" /> Since 0 now really means 0, I was not getting any POST parameters throug h. It now reads: <Connector URIEncoding="UTF-8" connectionTimeout="600000" maxPostSize="-1" port="8009" protocol="AJP/1.3" redirectPort="8443" /> and everything works. Sorry for the noise. . . . documentation, it's not just for breakfast anymore /mde/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVo/+3AAoJEEFGbsYNeTwtPn4IAK0tdY22hwq/LRr71ozShRgx XiCiHB/X79P71VIbs8rQ5Ao3RNG6quEzsZQXWXFNvvWq4uSh3cUivRLd53LylST2 aGrdn1UhJCGOmI5zaLiPo+XOlhLkp2DdGVUwfMjwmO0g/4Ogfqq2NBR2BZ4JTwyd tX0GraXUc04ORErFiJdHx2vxx9lf9ysbvjts4ARE+w2ugV2Us7ZziCmu7uiOEALm 5Fozif5GYbQb2npssyszgA4brI8UWIChlpcr8QQP6IpuKmZK3yeRNzV5yC9UyfCg NhrOl6UDdStqekQTgxdORezgz5vJTxREnJbEHYKJ3XIB0nM9ObXhObwPA46Jx64= =kKwI -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
