-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chema,
On 7/25/2011 6:41 AM, Chema wrote: >> The behaviour is correct. You can't stop it. >> >> Mark > > Thanks for you answer. But, is it right according to specs or > according to Tomcat ? I don't believe the spec covers this particular case. If you disagree, I'd be happy to re-read a part of the spec you think might cover it. > I can understand step 3 behaviour because is returned the last > resource request by session ( althought user doesn't understand that > two tabs are same session ) But I would like to avoid 404 errors I've always thought Tomcat's behavior when an "unexpected" login was experienced was a bit harsh, but there is no spec-compliant way to determine where the user should go in situations like this. Tomcat can't be expected to remember a list of URLs accessed prior to authentication and can't really associated those URLs with the exact browser-and-tab that requested them, so it only uses the "last" one. Once the "last" request has been successfully processed (in your step 3), Tomcat should no re-play that same request during step 4 because the request may be non-idempotent. Feel free to suggest some other spec-compliant behavior that could be achieved. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk4tncwACgkQ9CaO5/Lv0PDepgCeJkscA5woywu0ltrOaGGYJ99q I7QAoKotwbPpO/w4R8QrpIMPtZ9+F2JE =/2K6 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
