On 04/06/2010 01:19, Martin Gainty wrote: > > the reference is to URLEncoder class > > URLEncoder Utility class is used for HTML form encoding. This class contains > static methods for converting a String to the > application/x-www-form-urlencoded MIME format > > javadoc for encode methods of the URLEncoder are illustrated at > > http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
Not it's not, it's a reference to "response.encodeRedirectURL(path)" Instead of continuing to talk about this in the abstract, how about you post some details of your configuration and the code you're using to logout? Where is the login form, what URL is it? Which URL are you redirecting to after logout, and how are you doing that? etc p > ______________________________________________ > Verzicht und Vertraulichkeitanmerkung > > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger > sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung > oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich > dem Austausch von Informationen und entfaltet keine rechtliche > Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen > wir keine Haftung fuer den Inhalt uebernehmen. > > > >> Date: Fri, 4 Jun 2010 00:34:36 +0300 >> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page! >> From: george.pu...@gmail.com >> To: users@tomcat.apache.org >> >> Hello Cris, >> >> *After you call session.invalidation(), what does your code do, >> specifically? If you do a "forward" to a protected resource, strange >> things may happen with cookie-passing.* >> >> After the session get's invalidate(on the server side) my code send back a >> request success to the UI and then the Ui redirect's my app to the protected >> resource. >> >> *Does your login form properly encode the session id into it's <form> >> action? Does your logout code properly encode the session id into the >> redirect URL? Have you enabled/disabled cookies in your web browser?* >> >> My cookies are enabled. But I don't know exactly if the login/logout code >> form properly encode the session id into it's <form>(how can I test that?) >> >> >> >> Thank you very much!!!! >> >> >> >> On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz < >> ch...@christopherschultz.net> wrote: >> > Gheorghe, > > On 6/3/2010 2:18 PM, Gheorghe Pucea wrote: >>>>> By "when I get back to the login page" I mean that I log out from my app > and >>>>> then I redirect my app to a restricted resource and when my login page >>>>> appears I type my User/pass and the error occurs. >>>>> >>>>> I want to add something, when I log out and after I redirect my app to a >>>>> protected resource the login page show's up if I hit the refresh button > on >>>>> my browser and I type in my user/pass it works. > > After you call session.invalidation(), what does your code do, > specifically? If you do a "forward" to a protected resource, strange > things may happen with cookie-passing. > > Does your login form properly encode the session id into it's <form> > action? Does your logout code properly encode the session id into the > redirect URL? Have you enabled/disabled cookies in your web browser? > > -chris >>> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> > _________________________________________________________________ > The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with > Hotmail. > http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
signature.asc
Description: OpenPGP digital signature
