Hi,
I would like to forward error messages from the Login-Module (JAAS) to
my login-error.jsp site. To do this I create a own JAASRealm class that
override SecurityContraint method. In this method I placed a
this.request = request, so that I can use request.getSession.getID() and
request.getSession().setAttribute(<refname>, message) to forward the
message to the login-error.jsp site. I placed in the login-error.jsp
site <%= session.getAttribute(<refname>) %>.
Here are the first lines from my JAASRealm (I called it JAARSRealm):
public class JAARSRealm extends JAASRealm {
private Request request = null;
private static final String ERRMSG = null;
public SecurityConstraint [] findSecurityConstraints(Request request,
Context context) {
this.request = request;
return super.findSecurityConstraints(request, context);
}
public void setErrorMsg(String message) {
if(message.length() != 0){
HttpSession session = request.getSession(true);
session.setAttribute(ERRMSG, message);
}
}
...
So, now the problem:
My JAAS class is loosing the session after the validation of the current
user. Initially the session is there: If I log the request befor the
validation the session is appearing. But when I try to get the current
session after the validation in my setErrorMsg method sometimes I get
the session and sometimes not.
To make some more confusions: On my develope environment it works fine,
but not with all browsers. On the deployment environment it doesn't
work. I must makes two or more entries to get a error message.
So, is this a Tomcat bug (problem of timing)? Or are there some
configuration I must do (server.xml, web.xml) to make this work?
-Thanks
- Franck
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
