> -----Original Message-----
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Monday, April 12, 2010 2:40 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 6.0.24 requires me to log on twice
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Terry,
>
> On 4/12/2010 8:05 AM, Terry Horner wrote:
> > That would be illogical, but it's not what I'm doing - in
> our system (and in the hypothetical example) the restricted
> images are inside a restricted page.
> > The bookmarks are to a restricted page, any unrestricted
> pages on our system only hold unrestricted resources.
>
> I've never had anything like this happen except when I was
> doing things
> like multiple webapps deployed into the same URL space. You said this
> was an "example": what is the context path of the real
> deployed webapp?
> Are there more than one webapp involved, here?
>
> If you have a working example, can you post a ZIP file to the
> list that
> exhibits this behavior?
>
> - -chris
The webapp is one of two in a single sign-on environment, and listens on /. The
other webapp is a simple one used to provide a client with a customised login
page (they go to /clientname/intro.html, login through /clientname/login.jsp
and, if successful are forwarded to /intro.html , which is on the main ap)
However, if I remove the other application, and the SSO valve the same
behaviour occours.
before
<Context path="" docBase="dabce" debug="0" override="true" crossContext="true"
reloadable="true">
<Manager className="org.apache.catalina.session.StandardManager"
entropy="hiddenstuff" maxActiveSessions="-1"
maxInactiveInterval="1600" sessionIdLength="24" />
<Valve className="org.apache.catalina.authenticator.FormAuthenticator"
characterEncoding="UTF-8"/>
</Context>
<Context path="/clientname" docBase="customlogon" override="true"
crossContext="true" reloadable="true">
<Valve className="org.apache.catalina.authenticator.FormAuthenticator"
characterEncoding="UTF-8"/>
</Context>
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
after
<Context path="" docBase="dabce" debug="0" override="true" reloadable="true">
<Manager className="org.apache.catalina.session.StandardManager"
entropy="hiddenstuff" maxActiveSessions="-1"
maxInactiveInterval="1600" sessionIdLength="10" />
<Valve className="org.apache.catalina.authenticator.FormAuthenticator"
characterEncoding="UTF-8"/>
</Context>
It's difficult to trim our application down to a simple test case. I will send
one when I can.
Terry
_______________________________________
The information contained in this message is confidential and is intended for
the addressee only. If you have received this message in error or there are any
problems please notify the originator immediately.
The unauthorised use, disclosure, copying or alteration of this message is
strictly forbidden. This mail and any attachments have been scanned for viruses
prior to leaving the Dancerace network.
Dancerace plc will not be liable for direct, special, indirect or consequential
damages arising from the alteration of the contents of this message by a third
party or as a result of any virus being passed on.
Dancerace plc reserve the right to monitor and record e-mail messages sent to
and from this address for the purpose of investigating or detecting any
unauthorised use of its system and ensuring its effective operation.
_____________________________________________________________________
This message has been checked for all known viruses by UUNET delivered
through the MessageLabs Virus Control Centre. For further information visit
http://www.uk.uu.net/products/security/virus/
****** Message from InterScan VirusWall 6 ******
** No virus found in attached file noname.htm
InterScan VirusWall 6 has scanned this message and found it to be free of known
viruses.
***************** End of message ***************
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
