-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Shaun,
On 8/23/2010 4:56 AM, Shaun Senecal wrote: > I'm using FORM authentication, and everything seems to be working > (logins are accepted, etc), except when there was an error the URL > changes in the users browser to point to j_security_check. This is expected. > The > contents of the redirect to j_security_check contains login.html, so > the user is able to login as expected, but my "error=true" query > string is not passed along. How are you checking? If you are forwarding to a .html page, you probably don't have any dynamic content in there, and therefore have no options for checking for things like request parameters. > Is there something obvious I am doing > wrong here? I got it working under Jetty as a sanity test, but I need > to get it working in Tomcat too... It's possible that Jetty performs a redirect (to login.html?error=true) during a failed login and Tomcat performs a forward, which is entirely server-side. The result is that the client never sees the "error=true" and therefore only server-side components will be able to see it. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx1F/oACgkQ9CaO5/Lv0PBinQCfYr3S/2sEresGix7Qcd/waAow ltYAoIMMm/C9xFuMS5ixJ8jlsm1ensim =cFJK -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
