Login Problem

[d d <ja...@rediffmail.com>]

  I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
This perticularly happens if there is a action in url..
e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
 and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
 I havent judged the exact problem yet .Can anyone help me?

Re: Login Problem

["C.F. Scheidecker Antunes" <na...@antunes.eti.br>]

Take a look at O'Reilly's Struts Cookbook about this issue.

d d wrote:

>  I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
>I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
>This perticularly happens if there is a action in url..
>e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
> and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
> I havent judged the exact problem yet .Can anyone help me?
>  
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

Re: Login Problem

[Laurie Harper <la...@holoweb.net>]

d d wrote:
>   I am working on a struts web application with oracle as back end.I use tomcat. I am using filter so that if user has not logged in he cannot access any of the pages.I have a problem for logging..
> I login into my application..Use the application..Now if suddenly i close Tomcat Server.. and restart it ..and refresh my old page..it continues to work.
> This perticularly happens if there is a action in url..
> e.g address bar has. "http/localhost:8080/web/app/ss.do" and the server is restarted, filter does not work..and page continues to flow.
>  and if address bar contains "http/....../ss.jsp" filter works and user is forced to login.
>  I havent judged the exact problem yet .Can anyone help me?

How are you performing authentication? If you're using HTTP Basic 
authentication, a restart of Tomcat wont clear the user's credentials from 
the browser so subsequent requests will continue to authenticate as you're 
seeing. Alternatively, if you're relying on data stored in the session to 
determine if the session has been authenticated, you may see this as a 
result of sessions being serialized to disk on Tomcat shutdown and reloaded 
on subsequent requests.

In other words, without knowing more about your authentication scheme it's 
impossible to say if this behaviour is 'wrong' or not. Perhaps you could 
post the filter code you're using?

L.
-- 
Laurie Harper
Open Source advocate, Java geek: http://www.holoweb.net/laurie
Founder, Zotech Software: http://www.zotechsoftware.com/


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org