Would there be some sort of caching mechanism keeping the session alive somehow?
-----Original Message----- From: Gheorghe Pucea [mailto:george.pu...@gmail.com] Sent: Thursday, June 03, 2010 2:37 PM To: Tomcat Users List Subject: Re: HTTP Status 400 - Invalid direct reference to form login page! Exactly, I supposed that too but when the user click's the logout button a servlet is called and that servlet invalidates the session after that from the server side a response is given back to the UI from where my application is redirected to a restricted resource. So I checked the servlet that does the invalidation and it look's fine. I spend 2 whole days googling and trying to solve the issue and don't know what else to do. It is the first time form me to work with JAAS on Tomcat and I don't exactly know if the problem is caused by JAAS or by Tomcat but I checked the login module and it work's fine and I think this issue is related to Tomcat. So please if you have another idea please share it. Thank you, On Thu, Jun 3, 2010 at 10:27 PM, Propes, Barry L <barry.l.pro...@citi.com>wrote: > Sounds like the session's not getting invalidated properly? > > -----Original Message----- > From: Gheorghe Pucea [mailto:george.pu...@gmail.com] > Sent: Thursday, June 03, 2010 1:13 PM > To: Tomcat Users List > Subject: Re: HTTP Status 400 - Invalid direct reference to form login page! > > Hello Barry, > > > > Exactly that is my problem, on every forum says that this error > happens when you access directly the login page, but when I log out > from my app I redirect the url to point to a restricted resource then > my login page appears and when I enter the username/password the error apears. > > So after the log out I don't point directly to the login page > insted I point to a restricted page and when I get redirected to the > login I type my username/pass and I get the error. > > > > > > Thank you very much for your time, I really appreciate!!!!!!! > > > > > > > > On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L > <barry.l.pro...@citi.com > >wrote: > > > Yeah, I'd say he shouldn't be going "back to the login page" but > > rather to the protected page. > > > > -----Original Message----- > > From: Pid [mailto:p...@pidster.com] > > Sent: Thursday, June 03, 2010 12:11 PM > > To: Tomcat Users List > > Subject: Re: HTTP Status 400 - Invalid direct reference to form > > login > page! > > > > On 03/06/2010 15:29, Gheorghe Pucea wrote: > > > Hello, > > > > > > I have a problem with my Tomcat instance, I'm using: > > > > > > Tomcat 6.0.26 > > > Java jdk 1.5.0_17 > > > Windows XP SP3 > > > > > > I have implemented a JAAS login module for my application and > > > everything goes fine except from one thing. > > > > > > Here are the steps that I am doing: > > > > > > > > > 1)Request a protected resource -> the login form show's up and I > > > enter my username and password > > > > > 2) I get into the application and everything looks fine but when I > > > get back to the login page and enter my username/password again I > > > get the > > message: > > > (If I refresh the login page immediately when I hit the logout > > > button everything goes weel) > > > > Please explain what you mean by "when I get back to the login page". > > > > Why are you going back to the login page? > > > > > > p > > > > > > > HTTP Status 400 - Invalid direct reference to form login page > > > ------------------------------ > > > > > > *type* Status report > > > > > > *message* *Invalid direct reference to form login page* > > > > > > *description* *The request sent by the client was syntactically > > > incorrect (Invalid direct reference to form login page)* > > > > > > * > > > * > > > > > > * > > > * > > > > > > * > > > * > > > > > > *Thank you very much!* > > > > > > > > > > > -------------------------------------------------------------------- > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
