I'm suspecting you either link to /j_security_check or manually forward
there from your pages. Pages in your web project shouldn't ever link to
it except the login form and even then only in the action attribute of
the form tag. Tomcat will take control when it sees a client trying to
access a protected resource without a valid session and return the login
page. Your code doesn't have to ever do that.
--David
Joe A wrote:
if i redeploy my webapp and try to access a protected page, it will show
the login
screen but after clicking login it just reloads the login page instead
of sending me to the protected page. if i reload the login page it will
give me access
to the page i wanted. if i fill in user/pass and hit login a 2nd time it
shows:
HTTP Status 404 - /j_security_check
type Status report
message /j_security_check
description The requested resource (/j_security_check) is not available.
Apache Tomcat/5.5.20
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]