You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cr...@apache.org on 2001/09/17 18:39:01 UTC

cvs commit: jakarta-tomcat-4.0/webapps/examples/jsp/security/protected error.jsp index.jsp login.jsp

craigmcc    01/09/17 09:39:01

  Modified:    webapps/examples/jsp/security/protected error.jsp index.jsp
                        login.jsp
  Log:
  Make the form-based login example work even if cookies are turned off, by
  performing URL rewriting on all of the relevant hyperlinks.
  
  Submitted by:  pero@antaramusic.de (on TOMCAT-USER)
  
  Revision  Changes    Path
  1.2       +1 -1      jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/error.jsp
  
  Index: error.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/error.jsp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- error.jsp	2001/07/26 19:42:44	1.1
  +++ error.jsp	2001/09/17 16:39:01	1.2
  @@ -4,6 +4,6 @@
   </head>
   <body bgcolor="white">
   Invalid username and/or password, please try
  -<a href="login.jsp">again</a>.
  +<a href='<%= response.encodeURL("login.jsp") %>'>again</a>.
   </body>
   </html>
  
  
  
  1.5       +5 -3      jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/index.jsp
  
  Index: index.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/index.jsp,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- index.jsp	2001/07/28 23:29:12	1.4
  +++ index.jsp	2001/09/17 16:39:01	1.5
  @@ -46,14 +46,16 @@
   
   To check whether your username has been granted a particular role,
   enter it here:
  -<form method="GET" action="index.jsp">
  +<form method="GET" action='<%= response.encodeURL("index.jsp") %>'>
   <input type="text" name="role" value="<%= role %>">
   </form>
   <br><br>
   
   If you have configured this app for form-based authentication, you can log
  -off by clicking <a href="index.jsp?logoff=true">here</a>.  This should cause
  -you to be returned to the logon page after the redirect that is performed.
  +off by clicking
  +<a href='<%= response.encodeURL("index.jsp?logoff=true") %>'>here</a>.
  +This should cause you to be returned to the logon page after the redirect
  +that is performed.
   
   </body>
   </html>
  
  
  
  1.2       +1 -1      jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/login.jsp
  
  Index: login.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/login.jsp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- login.jsp	2001/07/26 19:42:44	1.1
  +++ login.jsp	2001/09/17 16:39:01	1.2
  @@ -2,7 +2,7 @@
   <head>
   <title>Login Page for Examples</title>
   <body bgcolor="white">
  -<form method="POST" action="j_security_check" >
  +<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
     <table border="0" cellspacing="5">
       <tr>
         <th align="right">Username:</th>