You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ca...@kego.com on 2002/02/15 20:50:43 UTC
form based login+jdbc realm+url session tracking=broken login
_________________________________
I'm wondering if there are any developers who have seen this bug...
Under Tcat 4.x on a form-based login site with jdbcrealms, if you
have a user which doesn't have per-session cookies enabled
(so that he/she is using url session tracking)
Tomcat has this strange behavior where it sends the user
to the j_security_check page three times before letting them in
I submitted the bug as:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6281
Have any active developers seen this problem?
The problem does not occur when I switch to memory-based realms,
so it appears to be a jdbcrealm specific issue.
If anyone has any ideas on things I should look for in the
jdbcrealm implementation, I would appreciate any hints
on trying to fix this.
Thanks,
Cameron Elliott