From: Simone M. <mi...@ho...> - 2003-03-06 10:43:55
|
I think what Tomcat does after a post to j_security_check is look inside the user session (private to the container - org.apache.catalina.Session) for an attribute containing the original page that the user was trying to access. If it cannot find it throws an error 400. What you can do is have a custom 400 error page that redirects to somewhere. For details see org.apache.catalina.authenticator.FormAuthenticator where Constants.FORM_ACTION = " j_security_check ". // Redirect the user to the original request URI (which will cause // the original request to be restored) requestURI = savedRequestURL(session); if (debug >= 1) log("Redirecting to original '" + requestURI + "'"); if (requestURI == null) hres.sendError(HttpServletResponse.SC_BAD_REQUEST, sm.getString("authenticator.formlogin")); else hres.sendRedirect(hres.encodeRedirectURL(requestURI)); return (false); And HttpServletResponse.SC_BAD_REQUEST=400 Hope it helps Simone ----- Original Message ----- From: "Ken Yee" <ke...@ex...> To: <jbo...@li...> Sent: Wednesday, March 05, 2003 5:43 PM Subject: [JBoss-user] Re: update on automatic login > > FYI, if you access your form based login page (mine is called login.jsp) > directly from a browser, you can submit it and Tomcat/JBoss complains > that "Invalid direct reference to form login page" but the user is > still logged in (I can access a restricted URL w/o a login prompt), > so it looks like that "post to login page from automatic login" servlet > workaround will work, but it may be depending on a bug in > Tomcat/JBoss... > > > ken > > > _______________________________________________ > Join Excite! - http://www.excite.com > The most personalized portal on the Web! > > > ------------------------------------------------------- > This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger > for complex code. Debugging C/C++ programs can leave you feeling lost and > disoriented. TotalView can help you find your way. Available on major UNIX > and Linux platforms. Try it free. www.etnus.com > _______________________________________________ > JBoss-user mailing list > JBo...@li... > https://lists.sourceforge.net/lists/listinfo/jboss-user > |