Hi list, imagine a framed web-application: After session-timeout, the user clicks on a link in an outer frame which has the inner frame as it's target. What happens? j_security_check is called, login-page displayed, authorization performed and saved url is requested. Unfortunately, your framed view gets lost.
Therefore I'm looking for a possibility to modify the savedURL in j_security_check. I know that a filter in tomcat can't be applied to j_security_check, I've tried a Valve, however, I can't access the neccesary objects like org.apache.catalina.session, when inheriting from ValveBase. Has anyone from the list ever manipulated j_security_check? Or does anybody have an alternative solution (like writing an own j_security_chjeck)? Inserting frame-breaks into the html-pages via Javascript is, unfortunately, not an option. Any suggestions higly appreciated! Greg PS.: We're talking about Tomcat 5.0.28 -- what's puzzlin' you, is the nature of my game