DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=35289>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=35289 Summary: [PATCH] - Allow a redirect parameter in the Form_Authentication Product: Tomcat 5 Version: 5.0.30 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] The problem I have found with the currenct implementation is that you must hit a protected resource before reaching a login box. How can we allow a login box on any page that will use j_security as the form action and still allow the FormAuthenticator object to know where to redirect the page? A solution is to add a hidden parameter to the login form that tells the FormAuthenticator where to go next. Here is a simple patch I am using until a more permenent solution is found. --- FormAuthenticator.java.New 2005-06-09 10:32:33.218750000 -0400 +++ FormAuthenticator.java 2005-06-09 10:53:25.593750000 -0400 @@ -267,10 +267,7 @@ // Redirect the user to the original request URI (which will cause // the original request to be restored) - String redirectURI = hreq.getParameter("j_security_redirect"); requestURI = savedRequestURL(session); - if (redirectURI != null ) - requestURI = redirectURI; if (log.isDebugEnabled()) log.debug("Redirecting to original '" + requestURI + "'"); if (requestURI == null) -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
