-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gheorghe,
On 6/3/2010 2:18 PM, Gheorghe Pucea wrote: > By "when I get back to the login page" I mean that I log out from my app and > then I redirect my app to a restricted resource and when my login page > appears I type my User/pass and the error occurs. > > I want to add something, when I log out and after I redirect my app to a > protected resource the login page show's up if I hit the refresh button on > my browser and I type in my user/pass it works. After you call session.invalidation(), what does your code do, specifically? If you do a "forward" to a protected resource, strange things may happen with cookie-passing. Does your login form properly encode the session id into it's <form> action? Does your logout code properly encode the session id into the redirect URL? Have you enabled/disabled cookies in your web browser? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc k+4An0eBb+93c9XYCgzNXnF4BZop8NTI =lzIW -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org