> I would simply be a little bit leary of extending the web.xml file
> format beyond what the spec states, given that Tomcat is the official
> reference implementation. My feeling would be to change the internal
> behavior of the problem you point out to be handled a bit more
> elegantly, rather than open up a "web application format specification"
> can of worms. Adding internal behavior to an engine, above and beyond
> the spec, is one thing. Changing/adding functionality at the webapp
> level is quite another.
>
> In any case, I actually liked your idea :-) You've sparked a few good
> ideas for my own applications.
Thanks! What about adding a tomcat-specific <context-param>
for handling this case?
Right now I just have a snippet in my login.jsp file that looks like the
following:
<%
if (session.getAttribute("tomcat.auth.originalLocation")==null)
session.setAttribute("tomcat.auth.originalLocation","user/welcome.jsp");
%>
A special <context-param> that does the above automatically would mean that
my JSP pages wouldn't have the above tomcat-specific hack and I wouldn't
need to repeat the above hack for every secure context I set up.
I've got to take off now, so I won't send any more messages until tommorow.
Thanks for your input!
-Mike
>
> I just disagree with the specific implementation which would extend
> web.xml beyond what the specification allows for.
