I thought of this but I don't think this will work. Login is a special
case. If the user has not yet logged in and they enter a URL to a page (any
valid page) the container (Tomcat) automatically returns the login page and
then AFTER successful login redirects them to the page. Therefore whether
I am not validating the form. I'm using the FORM authentication provided by
Tomcat, so Tomcat is validating the form.
Dave
Chad Wray <[EMAIL PROTECTED]> on 08/02/2001 10:32:55 AM
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Re: How to hide login pages
Are yo
I'm using FORM authentication and I would like to hide the login JSP files
so the users don't access them directly. For example, I don't want the user
to be able to enter the URL http://myserver/mywebapp/mylogin.jsp since this
will not work (since there is no original url to redirect them to they
I'm using form authentication and used session.invalidate(). This works
great but the browser may be cacheing your logoff page, in which case you
may get some unexpected results if you logoff and back in more than once.
You need to disable the page cacheing. I used the following in the head
sectio
Oh, I'm so embarrased! I should have actually LOOKED at our tomcat.bat/sh
files. We had created a 'realm' for our own custom authentication. The new
classes are in the same packages as our webapp classes, so someone added
our webapp/WEB-INF/classes directory to the classpath for tomcat. Very bad!
If you don't want to be tied to the servlet you could use the class loader
by doing something like one of the following:
// Use this if you don't care where the file is located (just doing reads)
this.getClass().getResourceAsStream("xyz.properties")
// Use this if need to know where the file is
I asked this on another thread of discussion but never got an answer. Is
this automatic redirection to SSL new for Tomcat 4.0? I'm using 3.2.3 and
when I set this user-data-constraint it appears that Tomcat verifies access
via SSL but does not redirect if it is not. From your response below I
ass
This is my workaround as well, but it is not a very good solution. I often
have multiple webapps running that need different versions of the same jar
file. This becomes a real pain.
Thanks,
Dave
john regan <[EMAIL PROTECTED]> on 07/24/2001 05:20:39 PM
Please respond to [EMAIL PROTECTED]
To
I'm running on NT (development) and Redhat Linux (production).
startup.bat and startup.sh (actually tomcat.bat/tomcat.sh) add the jar
files from tomcat/lib to the classpath but do not add jars from WEB-INF/lib
of the individual webapps.
Thanks,
Dave
Joseph D Toussaint <[EMAIL PROTECTED]> on
I see this problem, too. I'm using Tomcat 3.2.x. It appears to me to be a
bug.
I've seen others with this problem on this mailing list. Can anyone verify
that this actually does work?
(Just trying to add some weight to your claim and get it fixed if it is a
bug. :o)
Thanks,
Dave
Joseph D To
Is automatic redirection to SSL supported in 3.2.x? Is this a 4.0 feature?
I'm currently redirecting to SSL through brute force in my JSP page.
How do I configure Tomcat to redirect automatically? Can anyone point me to
a good resource on configuring Tomcat?
Thanks,
Dave
"Craig R. McClanaha
Hi,
I've written some custom JSP tags that create scripting variables to be
used in a JSP page. These tags are nested. I use the VariableInfo.AT_BEGIN
for the scope in my VariableInfo objects. The JSP 1.1 specification
indicates that the scope of my variables should be from the start tag to
the e
12 matches
Mail list logo
