You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/12/14 00:47:51 UTC
DO NOT REPLY [Bug 5422] New: -
HTTP Headers not being cleared after form authentication
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5422>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5422
HTTP Headers not being cleared after form authentication
Summary: HTTP Headers not being cleared after form authentication
Product: Tomcat 4
Version: 4.0.1 Final
Platform: All
URL: http://members.optushome.com.au/bwalding/tomcat/header.z
ip
OS/Version: Windows NT/2K
Status: NEW
Severity: Normal
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: ben@walding.com
When using FORM authentication (for realm), it appears that HTTP headers are
not being reset as the page is redirected to target page (after authentication).
Process (tested against stock 4.0.1 tomcat install)
1. Create new webapp (eg header)
2. Unpack zip file listed in URL to webapp
http://members.optushome.com.au/bwalding/tomcat/header.zip
3. Go to http://localhost:8080/header/HeaderServlet (or appropriate spot if you
aren't running against localhost)
4. You should be redirected to the login.html page (user/pass = tomcat/tomcat
(default memory realm))
5. After that you should go to header display page. Note the duplicates?
If you invalidate the session and re-enter the page, you will see the session
id's are different.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>