DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279 Resubmit to j_security_check mistakenly fetches a page of that name ------- Additional Comments From [EMAIL PROTECTED] 2002-11-01 03:19 ------- This bug is still around in 4.1.12. Brian: The code you posted and the modification you posted afterward are difficult to understand. It is usually standard practice to post patches in unified diff format (diff -u). My understanding of the problem is that: 1. We want FormAuthenticator to mirror BasicAuthenticator as closely as possible from the user's perspective. 2. In BASIC authentication, when a user successfully authenticates and presses the "back" button, the user is returned to the page she was on before attempting to access a secured resource. If the attempt to access the secured resource is the very first page visited after opening a browser, then the "Back" button is unavailable. Number 2 is not reproducible using FormAuthenticator because an extra request is generated (the request for the login page). Therefore we must decide on a desired behavior for this scenario. Any takers? -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
