On 16/08/2024 16:16, Fernando wrote:
Hi all, I need help with problem that I can't fix. I am using Apache Tomee 8, but I know that Apache Tomee rest on Apache Tomcat, in this case version 9. My problem is when some user exit from application this forward to login page doing this: HttpSession session = request.getSession(); session.invalidate();request.getRequestDispatcher("/login.jsp").forward(request, response); then if same user try to login, this launch something like this: http://localhost:8080/appweb/privado/j_security_check Asking in other forums, I read that " when you use JEE-standard Container security, the user should not explicitly request the login/loginfail pages. It won't work right."
That is correct. Some implementations have additional configuration options so this doesn't break but you would be better forwarding to a default page that requires authentication. The FORM auth will do its thing.
However I have other applicacion running on payara and that works, then I start to think that maybe is something misconfigured... Someone has some idea about this problem?
https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Form_Authenticator_Valve/Attributes Look for "landingPage" Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
