DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21617>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21617 Form-based authentication problem on server with non-standard hostname Summary: Form-based authentication problem on server with non- standard hostname Product: Tomcat 4 Version: Unknown Platform: Other OS/Version: Windows NT/2K Status: NEW Severity: Normal Priority: Other Component: Unknown AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Please close this bug upon review - you can give it an invalid status (I would have myself if it had been an option). I just wish to document this problem so if anyone else runs into it they can find a solution when searching bugzilla. After many hours of investigation, I've finally found the apparent cause of a very mysterious problem. After installing Tomcat 4.1.24 on a server, and configuring a webapp to use form-based authentication, I kept getting the dreaded "HTTP Status 400 - Invalid direct reference to form login page" error, but in this case I wasn't directly referencing the login page at all. I was accessing a protected resource, getting redirected to the login page, submitting to j_security_check, at which point I got the error. This problem only occurred in MSIE (various versions, including v6 SP1) but not in Mozilla. And it only occurred on this particular server (NT 4, SP6a), not on several other systems which were virtually identical in configuration. What I finally realized is that the hostname contained an underscore, which technically makes it an invalid hostname (though this is only the 2nd time in my career that I've seen underscores cause problems in a hostname). When I substituted the hostname with it's IP address in the original URL, everything started working fine. I also tried modifying my local "hosts" file, adding the hostname (minus the underscore) and verified that it worked fine as well. Hopefully nobody else will run into this issue, and end up banging their head against a wall the way I did. Thankfully, I believe the newer Windows server install programs warn if you attempt to assign an invalid hostname, but unfortunately NT 4.0 did not. Why the problem only manifests itself with IE and not Mozilla I don't know - must have something to do with the redirection handling. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
