You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cr...@apache.org on 2001/09/17 18:39:01 UTC
cvs commit: jakarta-tomcat-4.0/webapps/examples/jsp/security/protected error.jsp index.jsp login.jsp
craigmcc 01/09/17 09:39:01
Modified: webapps/examples/jsp/security/protected error.jsp index.jsp
login.jsp
Log:
Make the form-based login example work even if cookies are turned off, by
performing URL rewriting on all of the relevant hyperlinks.
Submitted by: pero@antaramusic.de (on TOMCAT-USER)
Revision Changes Path
1.2 +1 -1 jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/error.jsp
Index: error.jsp
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/error.jsp,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- error.jsp 2001/07/26 19:42:44 1.1
+++ error.jsp 2001/09/17 16:39:01 1.2
@@ -4,6 +4,6 @@
</head>
<body bgcolor="white">
Invalid username and/or password, please try
-<a href="login.jsp">again</a>.
+<a href='<%= response.encodeURL("login.jsp") %>'>again</a>.
</body>
</html>
1.5 +5 -3 jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/index.jsp
Index: index.jsp
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/index.jsp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- index.jsp 2001/07/28 23:29:12 1.4
+++ index.jsp 2001/09/17 16:39:01 1.5
@@ -46,14 +46,16 @@
To check whether your username has been granted a particular role,
enter it here:
-<form method="GET" action="index.jsp">
+<form method="GET" action='<%= response.encodeURL("index.jsp") %>'>
<input type="text" name="role" value="<%= role %>">
</form>
<br><br>
If you have configured this app for form-based authentication, you can log
-off by clicking <a href="index.jsp?logoff=true">here</a>. This should cause
-you to be returned to the logon page after the redirect that is performed.
+off by clicking
+<a href='<%= response.encodeURL("index.jsp?logoff=true") %>'>here</a>.
+This should cause you to be returned to the logon page after the redirect
+that is performed.
</body>
</html>
1.2 +1 -1 jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/login.jsp
Index: login.jsp
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/jsp/security/protected/login.jsp,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- login.jsp 2001/07/26 19:42:44 1.1
+++ login.jsp 2001/09/17 16:39:01 1.2
@@ -2,7 +2,7 @@
<head>
<title>Login Page for Examples</title>
<body bgcolor="white">
-<form method="POST" action="j_security_check" >
+<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
<table border="0" cellspacing="5">
<tr>
<th align="right">Username:</th>