DO NOT REPLY [Bug 8976] New: - Form Authentication Gives invalid direct reference to form login page

[bu...@apache.org]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8976>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8976

Form Authentication Gives invalid direct reference to form login page

           Summary: Form Authentication Gives invalid direct reference to
                    form login page
           Product: Tomcat 4
           Version: Unknown
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: carlson@bookandhammer.com


One of the issues I had was wanting my login page to be the first page 
people went to, but with the current FormAuthentication you get an error 
(invalid direct reference to form login page).

I have modified the FormAuthenication class so if someone posts to 
j_security_check from the login page (specified in the web.xml) it will 
authenticate and redirect them back to the login page.

I also added another feature where if a person also posts the parameter
 j_redirect_url to j_security_check it will forward them to that url (note: the 
j_redirect_url must be an absolute url reference).

The logic inside this class is fairly complicated because it deals with 
multiple requests and I think I did everything correctly. If someone wants 
to provide feedback that would be great. I can work on any bugs.

The actual code was sent to the maillist list under the subject
Form Authentication potential contribution

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>