Christopher, I'm sorry but maybe I am reading a different version of the servlet specification than you: it only explains the case where you access a container-managed resource and then login.
The question I had was what happens when you directly request the login form and successfully login. As you never requested a container-managed resource, then how does it know where to send you. David Smith atleast understood it well enough to answer with the thought that the servlet container wouldn't allow you to access the login form directly. If that is the case, then my worries are eased. If not, then I will deal with it then. I've got enough information that I can work out the rest from here; thanks to those that have given some useful information and not just witty remarks. Andrew R Feller, Analyst Subversion Administrator University Information Systems Louisiana State University [EMAIL PROTECTED] (office) 225.578.3737 -----Original Message----- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Thursday, November 08, 2007 1:40 PM To: Tomcat Users List Subject: Re: j_security_check redirect after login -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrew, Andrew R Feller wrote: > 3. It is unclear what happens in the event when a user requests the > form- > login-page directly instead of going through a container-managed > resource. > > How does j_security_check know where to redirect the user once he has > authenticated successfully? If you're still asking, please read section 12.5.3 of the servlet specification: it tells you exactly what the servlet container is expected to do. It's available online from Sun's website. If you want to see /how/ it's done, you're going to have to dig around in the Tomcat source code. Th reason the code is not documented is because the specification outlines the behavior: there's no reason to document the code, etc. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHM2Yq9CaO5/Lv0PARAhzaAJ99NhIYjUUlY0seR/GDElFtDiklJQCfZrDb 5ouywvbE1WtVoKVzOKrV0II= =B+j0 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
