How can the login page see parameters in the original request? In my app, I make a request to https://localhost/mywebservice/action.do. Because the user is not authenticated, Tomcat redirects them to the login page. I want the login page to be able to see the parameters passed in the original request. Only if certain secret fields and values are present, do I want to generate the login page. Otherwise, I want to send the response code 404.
In FormAuthenticator.java, function saveRequest, they have if ("POST".equalsIgnoreCase(request.getMethod())) { ByteChunk body = new ByteChunk(); body.setLimit(request.getConnector().getMaxSavePostSize()); byte[] buffer = new byte[4096]; int bytesRead; InputStream is = request.getInputStream(); while ( (bytesRead = is.read(buffer) ) >= 0) { body.append(buffer, 0, bytesRead); } saved.setContentType(request.getContentType()); saved.setBody(body); } Maybe the act of reading the input stream through is.read uses it up, not sure. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org