-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tokajac,
Tokajac wrote: | But when i submit the (activated) username and password, i got the | -------------------------------------------------------------------------- | HTTP Status 408 - The time allowed for the login process has been exceeded. | If you wish to continue you must either click back twice and re-click the | link you requested or close and re-open your browser This is probably because you went directly to the form login page, and you are using Tomcat's built-in container-managed authentication and authorization. Instead of sending the user directly to the login-page, try sending them to a protected URL (like /myApp/someProtectedPage). This will cause Tomcat to display the login page itself (which is actually required), and then the login should work. | What's wrong here? Is it something about sessions/cookies? How should i | solve this? Technically, the 408 is probably because of the timing of your testing. If you waited like 1 hour between requests, you'd get a different error like "unexpected login at this time" or a 404 because j_security_check isn't a valid URL unless the container is expecting it. It's a bit odd, but the servlet specification does not allow for "drive-by" logins, and so Tomcat does not implement them. | P.S. | If i open another browser manually after clicking the link, and submit | activated username and pass -everything is fine. Hmm. That's a bit odd. You might want to disable cookies in your browser during testing, because they can confuse things sometimes by linking a minutes-old session with a "new" login you are attempting. Try the protected-page trick above and let us know how things go. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkigTggACgkQ9CaO5/Lv0PBnWgCeNZNGk7mhHhKX1YfalXTZ+o72 1vgAn0CkTdvSrwCifc6FLqZEvFLr7w8W =bnas -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
