Filippo,

On 5/27/2011 4:21 AM, Filippo Machi wrote:
> we have a filter, not a valve (a class implementing javax.servlet.Filter),
> that authenticates incoming requests
> according to:
> - a particular key contained as a parameter in the request
> - the IP of the incoming request
> - a cookie
> Those checks are applied in the exact order I listed them; if all of them
> fail, then the user
> is redirected to the login page as follows:
> 
> request.getServletContext()
>                .getRequestDispatcher(LOGIN_PAGE_REDIRECT_URL)
>                .forward(request, response);

Note that "forward" here does not return an HTTP response to the client:
the forward is performed on the server.

> I don't know whether it matters, but we have a chain of filters and the
> authorization one I described is applied
> after a filter that, in some cases, performs a forward:
> 
> request.getServletContext().getRequestDispatcher(remappedResource).forward(request,
> response);
> 
> but I think it shouldn't be the cause of the issue...

No, this should not interfere.

> On Thu, May 26, 2011 at 7:12 PM, André Warnier <a...@ice-sa.com> wrote:
>> And what you are seeing in the logs, is that from time to time, a request
>> which seems to come from the PHP script (and should thus have a client IP
>> address of 127.0.0.1 and go through without authentication), instead seems
>> to come from another IP (and thus is caught by the Valve and returns a login
>> page).
>> And you also see this in the log of the PHP script : it shows that it
>> receives a login page, instead of the expected response. (*)
> 
> Yes, that's exactly what we're experiencing (the only detail that differs
> is that authentication is performed by a filter, not a valve).

If the request is (allegedly) coming from localhost but is instead
looking like it's coming from the outside, how do you *know* that it's
coming from localhost?

-chris
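
One way to answer the "how do you know" question from the Tomcat side, as an added example that is not code from this thread: a filter that logs what the container itself saw before it falls through to the server-side forward. The class name, logger name and `/login.jsp` path are assumptions, and the key and cookie checks described above are left out so that only the address check is shown.

```java
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;

// Hypothetical diagnostic filter (Servlet 3.0 API), not the poster's code:
// records what the container saw for each request that fails the address check.
public class AuthDiagnosticFilter implements Filter {
    private static final Logger LOG = Logger.getLogger("auth-diag");
    private static final String LOGIN_PAGE = "/login.jsp"; // assumed path

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        // Peer address as reported by the connector. Behind an HTTP reverse
        // proxy this is the proxy's address, not the original client's.
        String peer = req.getRemoteAddr();
        if (isLoopback(peer)) {
            chain.doFilter(req, res);
            return;
        }
        // X-Forwarded-For is logged for diagnosis only: it is client-supplied
        // and must not feed the authentication decision.
        LOG.warning(String.format(
            "auth fallthrough uri=%s peer=%s xff=%s dispatcher=%s",
            http.getRequestURI(), peer, http.getHeader("X-Forwarded-For"),
            req.getDispatcherType()));
        // Server-side forward: the client gets the login page body as the
        // response to its original request (no 3xx status, no Location header).
        req.getServletContext().getRequestDispatcher(LOGIN_PAGE).forward(req, res);
    }

    // IPv4 and IPv6 loopback, including the uncompressed IPv6 form.
    static boolean isLoopback(String addr) {
        return "127.0.0.1".equals(addr) || "::1".equals(addr)
            || "0:0:0:0:0:0:0:1".equals(addr);
    }
}
```

Comparing the logged `peer` value with the access log entry for the same request shows whether the PHP script really connected over loopback or reached Tomcat through another interface or a proxy.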