You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by d d <ja...@rediffmail.com> on 2005/08/19 08:47:45 UTC
Login Problem
I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
This perticularly happens if there is a action in url..
e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
I havent judged the exact problem yet .Can anyone help me?
Re: Login Problem
Posted by "C.F. Scheidecker Antunes" <na...@antunes.eti.br>.
Take a look at O'Reilly's Struts Cookbook about this issue.
d d wrote:
> I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
>I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
>This perticularly happens if there is a action in url..
>e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
> and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
> I havent judged the exact problem yet .Can anyone help me?
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Login Problem
Posted by Laurie Harper <la...@holoweb.net>.
d d wrote:
> I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
> I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
> This perticularly happens if there is a action in url..
> e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
> and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
> I havent judged the exact problem yet .Can anyone help me?
How are you performing authentication? If you're using HTTP Basic
authentication, a restart of Tomcat wont clear the user's credentials from
the browser so subsequent requests will continue to authenticate as you're
seeing. Alternatively, if you're relying on data stored in the session to
determine if the session has been authenticated, you may see this as a
result of sessions being serialized to disk on Tomcat shutdown and reloaded
on subsequent requests.
In other words, without knowing more about your authentication scheme it's
impossible to say if this behaviour is 'wrong' or not. Perhaps you could
post the filter code you're using?
L.
--
Laurie Harper
Open Source advocate, Java geek: http://www.holoweb.net/laurie
Founder, Zotech Software: http://www.zotechsoftware.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org