You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Gheorghe Pucea <ge...@gmail.com> on 2010/06/03 16:29:38 UTC
HTTP Status 400 - Invalid direct reference to form login page!
Hello,
I have a problem with my Tomcat instance, I'm using:
Tomcat 6.0.26
Java jdk 1.5.0_17
Windows XP SP3
I have implemented a JAAS login module for my application and everything
goes fine except from one thing.
Here are the steps that I am doing:
1)Request a protected resource -> the login form show's up and I enter my
username and password
2) I get into the application and everything looks fine but when I get back
to the login page and enter my username/password again I get the message:
(If I refresh the login page immediately when I hit the logout button
everything goes weel)
HTTP Status 400 - Invalid direct reference to form login page
------------------------------
*type* Status report
*message* *Invalid direct reference to form login page*
*description* *The request sent by the client was syntactically incorrect
(Invalid direct reference to form login page)*
*
*
*
*
*
*
*Thank you very much!*
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
I didn't found one.....I don't know, but when I close my browser or I
refresh the page it work's so it's definitely something about the session.
Thank you!
On Thu, Jun 3, 2010 at 11:01 PM, Propes, Barry L <ba...@citi.com>wrote:
> Would there be some sort of caching mechanism keeping the session alive
> somehow?
>
>
> -----Original Message-----
> From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> Sent: Thursday, June 03, 2010 2:37 PM
> To: Tomcat Users List
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>
> Exactly, I supposed that too but when the user click's the logout
> button a servlet is called and that servlet invalidates the session after
> that from the server side a response is given back to the UI from where my
> application is redirected to a restricted resource. So I checked the servlet
> that does the invalidation and it look's fine.
> I spend 2 whole days googling and trying to solve the issue and don't
> know what else to do.
> It is the first time form me to work with JAAS on Tomcat and I don't
> exactly know if the problem is caused by JAAS or by Tomcat but I checked the
> login module and it work's fine and I think this issue is related to Tomcat.
>
>
>
> So please if you have another idea please share it.
>
> Thank you,
>
>
> On Thu, Jun 3, 2010 at 10:27 PM, Propes, Barry L <barry.l.propes@citi.com
> >wrote:
>
> > Sounds like the session's not getting invalidated properly?
> >
> > -----Original Message-----
> > From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> > Sent: Thursday, June 03, 2010 1:13 PM
> > To: Tomcat Users List
> > Subject: Re: HTTP Status 400 - Invalid direct reference to form login
> page!
> >
> > Hello Barry,
> >
> >
> >
> > Exactly that is my problem, on every forum says that this error
> > happens when you access directly the login page, but when I log out
> > from my app I redirect the url to point to a restricted resource then
> > my login page appears and when I enter the username/password the error
> apears.
> >
> > So after the log out I don't point directly to the login page
> > insted I point to a restricted page and when I get redirected to the
> > login I type my username/pass and I get the error.
> >
> >
> >
> >
> >
> > Thank you very much for your time, I really appreciate!!!!!!!
> >
> >
> >
> >
> >
> >
> >
> > On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L
> > <barry.l.propes@citi.com
> > >wrote:
> >
> > > Yeah, I'd say he shouldn't be going "back to the login page" but
> > > rather to the protected page.
> > >
> > > -----Original Message-----
> > > From: Pid [mailto:pid@pidster.com]
> > > Sent: Thursday, June 03, 2010 12:11 PM
> > > To: Tomcat Users List
> > > Subject: Re: HTTP Status 400 - Invalid direct reference to form
> > > login
> > page!
> > >
> > > On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > > > Hello,
> > > >
> > > > I have a problem with my Tomcat instance, I'm using:
> > > >
> > > > Tomcat 6.0.26
> > > > Java jdk 1.5.0_17
> > > > Windows XP SP3
> > > >
> > > > I have implemented a JAAS login module for my application and
> > > > everything goes fine except from one thing.
> > > >
> > > > Here are the steps that I am doing:
> > > >
> > > >
> > > > 1)Request a protected resource -> the login form show's up and I
> > > > enter my username and password
> > >
> > > > 2) I get into the application and everything looks fine but when I
> > > > get back to the login page and enter my username/password again I
> > > > get the
> > > message:
> > > > (If I refresh the login page immediately when I hit the logout
> > > > button everything goes weel)
> > >
> > > Please explain what you mean by "when I get back to the login page".
> > >
> > > Why are you going back to the login page?
> > >
> > >
> > > p
> > >
> > >
> > > > HTTP Status 400 - Invalid direct reference to form login page
> > > > ------------------------------
> > > >
> > > > *type* Status report
> > > >
> > > > *message* *Invalid direct reference to form login page*
> > > >
> > > > *description* *The request sent by the client was syntactically
> > > > incorrect (Invalid direct reference to form login page)*
> > > >
> > > > *
> > > > *
> > > >
> > > > *
> > > > *
> > > >
> > > > *
> > > > *
> > > >
> > > > *Thank you very much!*
> > > >
> > >
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > For additional commands, e-mail: users-help@tomcat.apache.org
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by "Propes, Barry L " <ba...@citi.com>.
Would there be some sort of caching mechanism keeping the session alive somehow?
-----Original Message-----
From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
Sent: Thursday, June 03, 2010 2:37 PM
To: Tomcat Users List
Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
Exactly, I supposed that too but when the user click's the logout button a servlet is called and that servlet invalidates the session after that from the server side a response is given back to the UI from where my application is redirected to a restricted resource. So I checked the servlet that does the invalidation and it look's fine.
I spend 2 whole days googling and trying to solve the issue and don't know what else to do.
It is the first time form me to work with JAAS on Tomcat and I don't exactly know if the problem is caused by JAAS or by Tomcat but I checked the login module and it work's fine and I think this issue is related to Tomcat.
So please if you have another idea please share it.
Thank you,
On Thu, Jun 3, 2010 at 10:27 PM, Propes, Barry L <ba...@citi.com>wrote:
> Sounds like the session's not getting invalidated properly?
>
> -----Original Message-----
> From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> Sent: Thursday, June 03, 2010 1:13 PM
> To: Tomcat Users List
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>
> Hello Barry,
>
>
>
> Exactly that is my problem, on every forum says that this error
> happens when you access directly the login page, but when I log out
> from my app I redirect the url to point to a restricted resource then
> my login page appears and when I enter the username/password the error apears.
>
> So after the log out I don't point directly to the login page
> insted I point to a restricted page and when I get redirected to the
> login I type my username/pass and I get the error.
>
>
>
>
>
> Thank you very much for your time, I really appreciate!!!!!!!
>
>
>
>
>
>
>
> On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L
> <barry.l.propes@citi.com
> >wrote:
>
> > Yeah, I'd say he shouldn't be going "back to the login page" but
> > rather to the protected page.
> >
> > -----Original Message-----
> > From: Pid [mailto:pid@pidster.com]
> > Sent: Thursday, June 03, 2010 12:11 PM
> > To: Tomcat Users List
> > Subject: Re: HTTP Status 400 - Invalid direct reference to form
> > login
> page!
> >
> > On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > > Hello,
> > >
> > > I have a problem with my Tomcat instance, I'm using:
> > >
> > > Tomcat 6.0.26
> > > Java jdk 1.5.0_17
> > > Windows XP SP3
> > >
> > > I have implemented a JAAS login module for my application and
> > > everything goes fine except from one thing.
> > >
> > > Here are the steps that I am doing:
> > >
> > >
> > > 1)Request a protected resource -> the login form show's up and I
> > > enter my username and password
> >
> > > 2) I get into the application and everything looks fine but when I
> > > get back to the login page and enter my username/password again I
> > > get the
> > message:
> > > (If I refresh the login page immediately when I hit the logout
> > > button everything goes weel)
> >
> > Please explain what you mean by "when I get back to the login page".
> >
> > Why are you going back to the login page?
> >
> >
> > p
> >
> >
> > > HTTP Status 400 - Invalid direct reference to form login page
> > > ------------------------------
> > >
> > > *type* Status report
> > >
> > > *message* *Invalid direct reference to form login page*
> > >
> > > *description* *The request sent by the client was syntactically
> > > incorrect (Invalid direct reference to form login page)*
> > >
> > > *
> > > *
> > >
> > > *
> > > *
> > >
> > > *
> > > *
> > >
> > > *Thank you very much!*
> > >
> >
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Exactly, I supposed that too but when the user click's the logout
button a servlet is called and that servlet invalidates the session after
that from the server side a response is given back to the UI from where my
application is redirected to a restricted resource. So I checked the servlet
that does the invalidation and it look's fine.
I spend 2 whole days googling and trying to solve the issue and don't
know what else to do.
It is the first time form me to work with JAAS on Tomcat and I don't
exactly know if the problem is caused by JAAS or by Tomcat but I checked the
login module and it work's fine and I think this issue is related to Tomcat.
So please if you have another idea please share it.
Thank you,
On Thu, Jun 3, 2010 at 10:27 PM, Propes, Barry L <ba...@citi.com>wrote:
> Sounds like the session's not getting invalidated properly?
>
> -----Original Message-----
> From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> Sent: Thursday, June 03, 2010 1:13 PM
> To: Tomcat Users List
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>
> Hello Barry,
>
>
>
> Exactly that is my problem, on every forum says that this error
> happens when you access directly the login page, but when I log out from my
> app I redirect the url to point to a restricted resource then my login page
> appears and when I enter the username/password the error apears.
>
> So after the log out I don't point directly to the login page insted I
> point to a restricted page and when I get redirected to the login I type my
> username/pass and I get the error.
>
>
>
>
>
> Thank you very much for your time, I really appreciate!!!!!!!
>
>
>
>
>
>
>
> On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L <barry.l.propes@citi.com
> >wrote:
>
> > Yeah, I'd say he shouldn't be going "back to the login page" but
> > rather to the protected page.
> >
> > -----Original Message-----
> > From: Pid [mailto:pid@pidster.com]
> > Sent: Thursday, June 03, 2010 12:11 PM
> > To: Tomcat Users List
> > Subject: Re: HTTP Status 400 - Invalid direct reference to form login
> page!
> >
> > On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > > Hello,
> > >
> > > I have a problem with my Tomcat instance, I'm using:
> > >
> > > Tomcat 6.0.26
> > > Java jdk 1.5.0_17
> > > Windows XP SP3
> > >
> > > I have implemented a JAAS login module for my application and
> > > everything goes fine except from one thing.
> > >
> > > Here are the steps that I am doing:
> > >
> > >
> > > 1)Request a protected resource -> the login form show's up and I
> > > enter my username and password
> >
> > > 2) I get into the application and everything looks fine but when I
> > > get back to the login page and enter my username/password again I
> > > get the
> > message:
> > > (If I refresh the login page immediately when I hit the logout
> > > button everything goes weel)
> >
> > Please explain what you mean by "when I get back to the login page".
> >
> > Why are you going back to the login page?
> >
> >
> > p
> >
> >
> > > HTTP Status 400 - Invalid direct reference to form login page
> > > ------------------------------
> > >
> > > *type* Status report
> > >
> > > *message* *Invalid direct reference to form login page*
> > >
> > > *description* *The request sent by the client was syntactically
> > > incorrect (Invalid direct reference to form login page)*
> > >
> > > *
> > > *
> > >
> > > *
> > > *
> > >
> > > *
> > > *
> > >
> > > *Thank you very much!*
> > >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by "Propes, Barry L " <ba...@citi.com>.
Sounds like the session's not getting invalidated properly?
-----Original Message-----
From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
Sent: Thursday, June 03, 2010 1:13 PM
To: Tomcat Users List
Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
Hello Barry,
Exactly that is my problem, on every forum says that this error happens when you access directly the login page, but when I log out from my app I redirect the url to point to a restricted resource then my login page appears and when I enter the username/password the error apears.
So after the log out I don't point directly to the login page insted I point to a restricted page and when I get redirected to the login I type my username/pass and I get the error.
Thank you very much for your time, I really appreciate!!!!!!!
On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L <ba...@citi.com>wrote:
> Yeah, I'd say he shouldn't be going "back to the login page" but
> rather to the protected page.
>
> -----Original Message-----
> From: Pid [mailto:pid@pidster.com]
> Sent: Thursday, June 03, 2010 12:11 PM
> To: Tomcat Users List
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>
> On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > Hello,
> >
> > I have a problem with my Tomcat instance, I'm using:
> >
> > Tomcat 6.0.26
> > Java jdk 1.5.0_17
> > Windows XP SP3
> >
> > I have implemented a JAAS login module for my application and
> > everything goes fine except from one thing.
> >
> > Here are the steps that I am doing:
> >
> >
> > 1)Request a protected resource -> the login form show's up and I
> > enter my username and password
>
> > 2) I get into the application and everything looks fine but when I
> > get back to the login page and enter my username/password again I
> > get the
> message:
> > (If I refresh the login page immediately when I hit the logout
> > button everything goes weel)
>
> Please explain what you mean by "when I get back to the login page".
>
> Why are you going back to the login page?
>
>
> p
>
>
> > HTTP Status 400 - Invalid direct reference to form login page
> > ------------------------------
> >
> > *type* Status report
> >
> > *message* *Invalid direct reference to form login page*
> >
> > *description* *The request sent by the client was syntactically
> > incorrect (Invalid direct reference to form login page)*
> >
> > *
> > *
> >
> > *
> > *
> >
> > *
> > *
> >
> > *Thank you very much!*
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Hello Barry,
Exactly that is my problem, on every forum says that this error
happens when you access directly the login page, but when I log out from my
app I redirect the url to point to a restricted resource then my login page
appears and when I enter the username/password the error apears.
So after the log out I don't point directly to the login page insted I
point to a restricted page and when I get redirected to the login I type my
username/pass and I get the error.
Thank you very much for your time, I really appreciate!!!!!!!
On Thu, Jun 3, 2010 at 8:51 PM, Propes, Barry L <ba...@citi.com>wrote:
> Yeah, I'd say he shouldn't be going "back to the login page" but rather to
> the protected page.
>
> -----Original Message-----
> From: Pid [mailto:pid@pidster.com]
> Sent: Thursday, June 03, 2010 12:11 PM
> To: Tomcat Users List
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>
> On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > Hello,
> >
> > I have a problem with my Tomcat instance, I'm using:
> >
> > Tomcat 6.0.26
> > Java jdk 1.5.0_17
> > Windows XP SP3
> >
> > I have implemented a JAAS login module for my application and
> > everything goes fine except from one thing.
> >
> > Here are the steps that I am doing:
> >
> >
> > 1)Request a protected resource -> the login form show's up and I
> > enter my username and password
>
> > 2) I get into the application and everything looks fine but when I get
> > back to the login page and enter my username/password again I get the
> message:
> > (If I refresh the login page immediately when I hit the logout button
> > everything goes weel)
>
> Please explain what you mean by "when I get back to the login page".
>
> Why are you going back to the login page?
>
>
> p
>
>
> > HTTP Status 400 - Invalid direct reference to form login page
> > ------------------------------
> >
> > *type* Status report
> >
> > *message* *Invalid direct reference to form login page*
> >
> > *description* *The request sent by the client was syntactically
> > incorrect (Invalid direct reference to form login page)*
> >
> > *
> > *
> >
> > *
> > *
> >
> > *
> > *
> >
> > *Thank you very much!*
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by "Propes, Barry L " <ba...@citi.com>.
Yeah, I'd say he shouldn't be going "back to the login page" but rather to the protected page.
-----Original Message-----
From: Pid [mailto:pid@pidster.com]
Sent: Thursday, June 03, 2010 12:11 PM
To: Tomcat Users List
Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
On 03/06/2010 15:29, Gheorghe Pucea wrote:
> Hello,
>
> I have a problem with my Tomcat instance, I'm using:
>
> Tomcat 6.0.26
> Java jdk 1.5.0_17
> Windows XP SP3
>
> I have implemented a JAAS login module for my application and
> everything goes fine except from one thing.
>
> Here are the steps that I am doing:
>
>
> 1)Request a protected resource -> the login form show's up and I
> enter my username and password
> 2) I get into the application and everything looks fine but when I get
> back to the login page and enter my username/password again I get the message:
> (If I refresh the login page immediately when I hit the logout button
> everything goes weel)
Please explain what you mean by "when I get back to the login page".
Why are you going back to the login page?
p
> HTTP Status 400 - Invalid direct reference to form login page
> ------------------------------
>
> *type* Status report
>
> *message* *Invalid direct reference to form login page*
>
> *description* *The request sent by the client was syntactically
> incorrect (Invalid direct reference to form login page)*
>
> *
> *
>
> *
> *
>
> *
> *
>
> *Thank you very much!*
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
After I perform the log out I call a redirect function to a protected
resource and that goes well.
Somewhere I found that I need to set this tag in mai login.html page:
<META HTTP-EQUIV = "Pragma" CONTENT="no-cache">
<META HTTP-EQUIV = "Cache-control" CONTENT="no-cache">
And I did that and after I hit the logout button and perform another login
it seem to work, but if I continue and log out and then again log in the
problem occurs again!
Thank you for your time!
On Fri, Jun 4, 2010 at 12:11 PM, Pid <pi...@pidster.com> wrote:
> On 04/06/2010 01:19, Martin Gainty wrote:
> >
> > the reference is to URLEncoder class
> >
> > URLEncoder Utility class is used for HTML form encoding. This class
> contains static methods for converting a String to the
> application/x-www-form-urlencoded MIME format
> >
> > javadoc for encode methods of the URLEncoder are illustrated at
> >
> > http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
>
> Not it's not, it's a reference to "response.encodeRedirectURL(path)"
>
> Instead of continuing to talk about this in the abstract, how about you
> post some details of your configuration and the code you're using to
> logout?
>
> Where is the login form, what URL is it?
>
> Which URL are you redirecting to after logout, and how are you doing that?
>
> etc
>
>
> p
>
>
> > ______________________________________________
> > Verzicht und Vertraulichkeitanmerkung
> >
> > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
> dient lediglich dem Austausch von Informationen und entfaltet keine
> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
> >
> >
> >
> >> Date: Fri, 4 Jun 2010 00:34:36 +0300
> >> Subject: Re: HTTP Status 400 - Invalid direct reference to form login
> page!
> >> From: george.pucea@gmail.com
> >> To: users@tomcat.apache.org
> >>
> >> Hello Cris,
> >>
> >> *After you call session.invalidation(), what does your code do,
> >> specifically? If you do a "forward" to a protected resource, strange
> >> things may happen with cookie-passing.*
> >>
> >> After the session get's invalidate(on the server side) my code send back
> a
> >> request success to the UI and then the Ui redirect's my app to the
> protected
> >> resource.
> >>
> >> *Does your login form properly encode the session id into it's <form>
> >> action? Does your logout code properly encode the session id into the
> >> redirect URL? Have you enabled/disabled cookies in your web browser?*
> >>
> >> My cookies are enabled. But I don't know exactly if the login/logout
> code
> >> form properly encode the session id into it's <form>(how can I test
> that?)
> >>
> >>
> >>
> >> Thank you very much!!!!
> >>
> >>
> >>
> >> On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
> >> chris@christopherschultz.net> wrote:
> >>
> > Gheorghe,
> >
> > On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
> >>>>> By "when I get back to the login page" I mean that I log out from my
> app
> > and
> >>>>> then I redirect my app to a restricted resource and when my login
> page
> >>>>> appears I type my User/pass and the error occurs.
> >>>>>
> >>>>> I want to add something, when I log out and after I redirect my app
> to a
> >>>>> protected resource the login page show's up if I hit the refresh
> button
> > on
> >>>>> my browser and I type in my user/pass it works.
> >
> > After you call session.invalidation(), what does your code do,
> > specifically? If you do a "forward" to a protected resource, strange
> > things may happen with cookie-passing.
> >
> > Does your login form properly encode the session id into it's <form>
> > action? Does your logout code properly encode the session id into the
> > redirect URL? Have you enabled/disabled cookies in your web browser?
> >
> > -chris
> >>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>
> >>>
>
> > _________________________________________________________________
> > The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with
> Hotmail.
> >
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>
>
>
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Pid <pi...@pidster.com>.
On 04/06/2010 01:19, Martin Gainty wrote:
>
> the reference is to URLEncoder class
>
> URLEncoder Utility class is used for HTML form encoding. This class contains static methods for converting a String to the application/x-www-form-urlencoded MIME format
>
> javadoc for encode methods of the URLEncoder are illustrated at
>
> http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
Not it's not, it's a reference to "response.encodeRedirectURL(path)"
Instead of continuing to talk about this in the abstract, how about you
post some details of your configuration and the code you're using to logout?
Where is the login form, what URL is it?
Which URL are you redirecting to after logout, and how are you doing that?
etc
p
> ______________________________________________
> Verzicht und Vertraulichkeitanmerkung
>
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>
>
>
>> Date: Fri, 4 Jun 2010 00:34:36 +0300
>> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
>> From: george.pucea@gmail.com
>> To: users@tomcat.apache.org
>>
>> Hello Cris,
>>
>> *After you call session.invalidation(), what does your code do,
>> specifically? If you do a "forward" to a protected resource, strange
>> things may happen with cookie-passing.*
>>
>> After the session get's invalidate(on the server side) my code send back a
>> request success to the UI and then the Ui redirect's my app to the protected
>> resource.
>>
>> *Does your login form properly encode the session id into it's <form>
>> action? Does your logout code properly encode the session id into the
>> redirect URL? Have you enabled/disabled cookies in your web browser?*
>>
>> My cookies are enabled. But I don't know exactly if the login/logout code
>> form properly encode the session id into it's <form>(how can I test that?)
>>
>>
>>
>> Thank you very much!!!!
>>
>>
>>
>> On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
>> chris@christopherschultz.net> wrote:
>>
> Gheorghe,
>
> On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
>>>>> By "when I get back to the login page" I mean that I log out from my app
> and
>>>>> then I redirect my app to a restricted resource and when my login page
>>>>> appears I type my User/pass and the error occurs.
>>>>>
>>>>> I want to add something, when I log out and after I redirect my app to a
>>>>> protected resource the login page show's up if I hit the refresh button
> on
>>>>> my browser and I type in my user/pass it works.
>
> After you call session.invalidation(), what does your code do,
> specifically? If you do a "forward" to a protected resource, strange
> things may happen with cookie-passing.
>
> Does your login form properly encode the session id into it's <form>
> action? Does your logout code properly encode the session id into the
> redirect URL? Have you enabled/disabled cookies in your web browser?
>
> -chris
>>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Please I really need help. I found out today that it work's on opera to.
Many thanks!!!
On Fri, Jun 4, 2010 at 8:59 AM, Gheorghe Pucea <ge...@gmail.com>wrote:
>
>
>
> The encoding is ok I tried it out today. But I need to add one more thing
> the problem doesn't appear
> on Google Chrome but it appears on IE8 and Mozila 3.5.9.
>
>
>
> On Fri, Jun 4, 2010 at 3:19 AM, Martin Gainty <mg...@hotmail.com> wrote:
>
>>
>> the reference is to URLEncoder class
>>
>> URLEncoder Utility class is used for HTML form encoding. This class
>> contains static methods for converting a String to the
>> application/x-www-form-urlencoded MIME format
>>
>> javadoc for encode methods of the URLEncoder are illustrated at
>>
>>
>>
>> http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
>>
>> Martin
>> ______________________________________________
>> Verzicht und Vertraulichkeitanmerkung
>>
>> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
>> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
>> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
>> dient lediglich dem Austausch von Informationen und entfaltet keine
>> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
>> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>>
>>
>>
>> > Date: Fri, 4 Jun 2010 00:34:36 +0300
>> > Subject: Re: HTTP Status 400 - Invalid direct reference to form login
>> page!
>> > From: george.pucea@gmail.com
>> > To: users@tomcat.apache.org
>> >
>> > Hello Cris,
>> >
>> > *After you call session.invalidation(), what does your code do,
>> > specifically? If you do a "forward" to a protected resource, strange
>> > things may happen with cookie-passing.*
>> >
>> > After the session get's invalidate(on the server side) my code send back
>> a
>> > request success to the UI and then the Ui redirect's my app to the
>> protected
>> > resource.
>> >
>> > *Does your login form properly encode the session id into it's <form>
>> > action? Does your logout code properly encode the session id into the
>> > redirect URL? Have you enabled/disabled cookies in your web browser?*
>> >
>> > My cookies are enabled. But I don't know exactly if the login/logout
>> code
>> > form properly encode the session id into it's <form>(how can I test
>> that?)
>> >
>> >
>> >
>> > Thank you very much!!!!
>> >
>> >
>> >
>> > On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
>> > chris@christopherschultz.net> wrote:
>> >
>> > > -----BEGIN PGP SIGNED MESSAGE-----
>> > > Hash: SHA1
>> > >
>> > > Gheorghe,
>> > >
>> > > On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
>> > > > By "when I get back to the login page" I mean that I log out from my
>> app
>> > > and
>> > > > then I redirect my app to a restricted resource and when my login
>> page
>> > > > appears I type my User/pass and the error occurs.
>> > > >
>> > > > I want to add something, when I log out and after I redirect my app
>> to a
>> > > > protected resource the login page show's up if I hit the refresh
>> button
>> > > on
>> > > > my browser and I type in my user/pass it works.
>> > >
>> > > After you call session.invalidation(), what does your code do,
>> > > specifically? If you do a "forward" to a protected resource, strange
>> > > things may happen with cookie-passing.
>> > >
>> > > Does your login form properly encode the session id into it's <form>
>> > > action? Does your logout code properly encode the session id into the
>> > > redirect URL? Have you enabled/disabled cookies in your web browser?
>> > >
>> > > - -chris
>> > > -----BEGIN PGP SIGNATURE-----
>> > > Version: GnuPG v1.4.10 (MingW32)
>> > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>> > >
>> > > iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc
>> > > k+4An0eBb+93c9XYCgzNXnF4BZop8NTI
>> > > =lzIW
>> > > -----END PGP SIGNATURE-----
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> > > For additional commands, e-mail: users-help@tomcat.apache.org
>> > >
>> > >
>>
>> _________________________________________________________________
>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with
>> Hotmail.
>>
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>>
>
>
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
The encoding is ok I tried it out today. But I need to add one more thing
the problem doesn't appear
on Google Chrome but it appears on IE8 and Mozila 3.5.9.
On Fri, Jun 4, 2010 at 3:19 AM, Martin Gainty <mg...@hotmail.com> wrote:
>
> the reference is to URLEncoder class
>
> URLEncoder Utility class is used for HTML form encoding. This class
> contains static methods for converting a String to the
> application/x-www-form-urlencoded MIME format
>
> javadoc for encode methods of the URLEncoder are illustrated at
>
>
>
> http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
>
> Martin
> ______________________________________________
> Verzicht und Vertraulichkeitanmerkung
>
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
> dient lediglich dem Austausch von Informationen und entfaltet keine
> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>
>
>
> > Date: Fri, 4 Jun 2010 00:34:36 +0300
> > Subject: Re: HTTP Status 400 - Invalid direct reference to form login
> page!
> > From: george.pucea@gmail.com
> > To: users@tomcat.apache.org
> >
> > Hello Cris,
> >
> > *After you call session.invalidation(), what does your code do,
> > specifically? If you do a "forward" to a protected resource, strange
> > things may happen with cookie-passing.*
> >
> > After the session get's invalidate(on the server side) my code send back
> a
> > request success to the UI and then the Ui redirect's my app to the
> protected
> > resource.
> >
> > *Does your login form properly encode the session id into it's <form>
> > action? Does your logout code properly encode the session id into the
> > redirect URL? Have you enabled/disabled cookies in your web browser?*
> >
> > My cookies are enabled. But I don't know exactly if the login/logout code
> > form properly encode the session id into it's <form>(how can I test
> that?)
> >
> >
> >
> > Thank you very much!!!!
> >
> >
> >
> > On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
> > chris@christopherschultz.net> wrote:
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Gheorghe,
> > >
> > > On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
> > > > By "when I get back to the login page" I mean that I log out from my
> app
> > > and
> > > > then I redirect my app to a restricted resource and when my login
> page
> > > > appears I type my User/pass and the error occurs.
> > > >
> > > > I want to add something, when I log out and after I redirect my app
> to a
> > > > protected resource the login page show's up if I hit the refresh
> button
> > > on
> > > > my browser and I type in my user/pass it works.
> > >
> > > After you call session.invalidation(), what does your code do,
> > > specifically? If you do a "forward" to a protected resource, strange
> > > things may happen with cookie-passing.
> > >
> > > Does your login form properly encode the session id into it's <form>
> > > action? Does your logout code properly encode the session id into the
> > > redirect URL? Have you enabled/disabled cookies in your web browser?
> > >
> > > - -chris
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.4.10 (MingW32)
> > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> > >
> > > iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc
> > > k+4An0eBb+93c9XYCgzNXnF4BZop8NTI
> > > =lzIW
> > > -----END PGP SIGNATURE-----
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > For additional commands, e-mail: users-help@tomcat.apache.org
> > >
> > >
>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with
> Hotmail.
>
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Martin Gainty <mg...@hotmail.com>.
the reference is to URLEncoder class
URLEncoder Utility class is used for HTML form encoding. This class contains static methods for converting a String to the application/x-www-form-urlencoded MIME format
javadoc for encode methods of the URLEncoder are illustrated at
http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html
Martin
______________________________________________
Verzicht und Vertraulichkeitanmerkung
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
> Date: Fri, 4 Jun 2010 00:34:36 +0300
> Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
> From: george.pucea@gmail.com
> To: users@tomcat.apache.org
>
> Hello Cris,
>
> *After you call session.invalidation(), what does your code do,
> specifically? If you do a "forward" to a protected resource, strange
> things may happen with cookie-passing.*
>
> After the session get's invalidate(on the server side) my code send back a
> request success to the UI and then the Ui redirect's my app to the protected
> resource.
>
> *Does your login form properly encode the session id into it's <form>
> action? Does your logout code properly encode the session id into the
> redirect URL? Have you enabled/disabled cookies in your web browser?*
>
> My cookies are enabled. But I don't know exactly if the login/logout code
> form properly encode the session id into it's <form>(how can I test that?)
>
>
>
> Thank you very much!!!!
>
>
>
> On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
> chris@christopherschultz.net> wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Gheorghe,
> >
> > On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
> > > By "when I get back to the login page" I mean that I log out from my app
> > and
> > > then I redirect my app to a restricted resource and when my login page
> > > appears I type my User/pass and the error occurs.
> > >
> > > I want to add something, when I log out and after I redirect my app to a
> > > protected resource the login page show's up if I hit the refresh button
> > on
> > > my browser and I type in my user/pass it works.
> >
> > After you call session.invalidation(), what does your code do,
> > specifically? If you do a "forward" to a protected resource, strange
> > things may happen with cookie-passing.
> >
> > Does your login form properly encode the session id into it's <form>
> > action? Does your logout code properly encode the session id into the
> > redirect URL? Have you enabled/disabled cookies in your web browser?
> >
> > - -chris
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.10 (MingW32)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> >
> > iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc
> > k+4An0eBb+93c9XYCgzNXnF4BZop8NTI
> > =lzIW
> > -----END PGP SIGNATURE-----
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
_________________________________________________________________
The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Hello Cris,
*After you call session.invalidation(), what does your code do,
specifically? If you do a "forward" to a protected resource, strange
things may happen with cookie-passing.*
After the session get's invalidate(on the server side) my code send back a
request success to the UI and then the Ui redirect's my app to the protected
resource.
*Does your login form properly encode the session id into it's <form>
action? Does your logout code properly encode the session id into the
redirect URL? Have you enabled/disabled cookies in your web browser?*
My cookies are enabled. But I don't know exactly if the login/logout code
form properly encode the session id into it's <form>(how can I test that?)
Thank you very much!!!!
On Fri, Jun 4, 2010 at 12:24 AM, Christopher Schultz <
chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Gheorghe,
>
> On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
> > By "when I get back to the login page" I mean that I log out from my app
> and
> > then I redirect my app to a restricted resource and when my login page
> > appears I type my User/pass and the error occurs.
> >
> > I want to add something, when I log out and after I redirect my app to a
> > protected resource the login page show's up if I hit the refresh button
> on
> > my browser and I type in my user/pass it works.
>
> After you call session.invalidation(), what does your code do,
> specifically? If you do a "forward" to a protected resource, strange
> things may happen with cookie-passing.
>
> Does your login form properly encode the session id into it's <form>
> action? Does your logout code properly encode the session id into the
> redirect URL? Have you enabled/disabled cookies in your web browser?
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc
> k+4An0eBb+93c9XYCgzNXnF4BZop8NTI
> =lzIW
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gheorghe,
On 6/3/2010 2:18 PM, Gheorghe Pucea wrote:
> By "when I get back to the login page" I mean that I log out from my app and
> then I redirect my app to a restricted resource and when my login page
> appears I type my User/pass and the error occurs.
>
> I want to add something, when I log out and after I redirect my app to a
> protected resource the login page show's up if I hit the refresh button on
> my browser and I type in my user/pass it works.
After you call session.invalidation(), what does your code do,
specifically? If you do a "forward" to a protected resource, strange
things may happen with cookie-passing.
Does your login form properly encode the session id into it's <form>
action? Does your logout code properly encode the session id into the
redirect URL? Have you enabled/disabled cookies in your web browser?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkwIHaIACgkQ9CaO5/Lv0PD4egCfT9LLrkpGYO39bqTTki1arNoc
k+4An0eBb+93c9XYCgzNXnF4BZop8NTI
=lzIW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Sorry Pid I didn't noticed your message.
By "when I get back to the login page" I mean that I log out from my app and
then I redirect my app to a restricted resource and when my login page
appears I type my User/pass and the error occurs.
I want to add something, when I log out and after I redirect my app to a
protected resource the login page show's up if I hit the refresh button on
my browser and I type in my user/pass it works.
Thank you very much for your time!!!!
Really appreciate!
On Thu, Jun 3, 2010 at 8:11 PM, Pid <pi...@pidster.com> wrote:
> On 03/06/2010 15:29, Gheorghe Pucea wrote:
> > Hello,
> >
> > I have a problem with my Tomcat instance, I'm using:
> >
> > Tomcat 6.0.26
> > Java jdk 1.5.0_17
> > Windows XP SP3
> >
> > I have implemented a JAAS login module for my application and
> everything
> > goes fine except from one thing.
> >
> > Here are the steps that I am doing:
> >
> >
> > 1)Request a protected resource -> the login form show's up and I enter
> my
> > username and password
>
> > 2) I get into the application and everything looks fine but when I get
> back
> > to the login page and enter my username/password again I get the message:
> > (If I refresh the login page immediately when I hit the logout button
> > everything goes weel)
>
> Please explain what you mean by "when I get back to the login page".
>
> Why are you going back to the login page?
>
>
> p
>
>
> > HTTP Status 400 - Invalid direct reference to form login page
> > ------------------------------
> >
> > *type* Status report
> >
> > *message* *Invalid direct reference to form login page*
> >
> > *description* *The request sent by the client was syntactically incorrect
> > (Invalid direct reference to form login page)*
> >
> > *
> > *
> >
> > *
> > *
> >
> > *
> > *
> >
> > *Thank you very much!*
> >
>
>
>
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Pid <pi...@pidster.com>.
On 03/06/2010 15:29, Gheorghe Pucea wrote:
> Hello,
>
> I have a problem with my Tomcat instance, I'm using:
>
> Tomcat 6.0.26
> Java jdk 1.5.0_17
> Windows XP SP3
>
> I have implemented a JAAS login module for my application and everything
> goes fine except from one thing.
>
> Here are the steps that I am doing:
>
>
> 1)Request a protected resource -> the login form show's up and I enter my
> username and password
> 2) I get into the application and everything looks fine but when I get back
> to the login page and enter my username/password again I get the message:
> (If I refresh the login page immediately when I hit the logout button
> everything goes weel)
Please explain what you mean by "when I get back to the login page".
Why are you going back to the login page?
p
> HTTP Status 400 - Invalid direct reference to form login page
> ------------------------------
>
> *type* Status report
>
> *message* *Invalid direct reference to form login page*
>
> *description* *The request sent by the client was syntactically incorrect
> (Invalid direct reference to form login page)*
>
> *
> *
>
> *
> *
>
> *
> *
>
> *Thank you very much!*
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by "Propes, Barry L " <ba...@citi.com>.
It worked for some users; for others it did not.
I'm not sure I ever received a definitive reason for it happening - especially to random users -- but it happened to the same set of users most all the time, where others weren't affected.
You could try that first, and see if that worked. If not, I'm not sure what to tell you. Maybe some others on this forum would know better than I.
-----Original Message-----
From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
Sent: Thursday, June 03, 2010 11:47 AM
To: Tomcat Users List
Subject: Re: HTTP Status 400 - Invalid direct reference to form login page!
Hello Barry,
Thank you very much for your quick respone, but I think that version of Tomcat was very old compared to Tomcat 6.0.26 I think the problem should be fix by now.
So you suggest that I manually should clear my browser's cache?And this should fix my problem?
On Thu, Jun 3, 2010 at 7:10 PM, Propes, Barry L <ba...@citi.com>wrote:
> I had that happen periodically for years with my version of TC 4.1.31.
>
> With some folks, we could get it to go away, by cleaning out browser cache.
> With others, it was the same people that incurred it all the time.
> They could access "other" protected areas, but not the one.
> I ended up making a duplicate non-protected piece for them. For me it
> wasn't a big deal, because they already were -- in a sense -- in a
> protected piece to begin with. But it would have been better if it'd worked.
>
> -----Original Message-----
> From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> Sent: Thursday, June 03, 2010 9:30 AM
> To: users@tomcat.apache.org
> Subject: HTTP Status 400 - Invalid direct reference to form login page!
>
> Hello,
>
>
>
> I have a problem with my Tomcat instance, I'm using:
>
>
> Tomcat 6.0.26
> Java jdk 1.5.0_17
> Windows XP SP3
>
>
> I have implemented a JAAS login module for my application and
> everything goes fine except from one thing.
>
> Here are the steps that I am doing:
>
>
> 1)Request a protected resource -> the login form show's up and I
> enter my username and password
> 2) I get into the application and everything looks fine but when I get
> back to the login page and enter my username/password again I get the message:
> (If I refresh the login page immediately when I hit the logout button
> everything goes weel) HTTP Status 400 - Invalid direct reference to
> form login page
> ------------------------------
>
> *type* Status report
>
> *message* *Invalid direct reference to form login page*
>
> *description* *The request sent by the client was syntactically
> incorrect (Invalid direct reference to form login page)*
>
> *
> *
>
> *
> *
>
> *
> *
>
> *Thank you very much!*
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 400 - Invalid direct reference to form login page!
Posted by Gheorghe Pucea <ge...@gmail.com>.
Hello Barry,
Thank you very much for your quick respone, but I think that version of
Tomcat was very old compared to Tomcat 6.0.26 I think the problem should be
fix by now.
So you suggest that I manually should clear my browser's cache?And this
should fix my problem?
On Thu, Jun 3, 2010 at 7:10 PM, Propes, Barry L <ba...@citi.com>wrote:
> I had that happen periodically for years with my version of TC 4.1.31.
>
> With some folks, we could get it to go away, by cleaning out browser cache.
> With others, it was the same people that incurred it all the time. They
> could access "other" protected areas, but not the one.
> I ended up making a duplicate non-protected piece for them. For me it
> wasn't a big deal, because they already were -- in a sense -- in a protected
> piece to begin with. But it would have been better if it'd worked.
>
> -----Original Message-----
> From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
> Sent: Thursday, June 03, 2010 9:30 AM
> To: users@tomcat.apache.org
> Subject: HTTP Status 400 - Invalid direct reference to form login page!
>
> Hello,
>
>
>
> I have a problem with my Tomcat instance, I'm using:
>
>
> Tomcat 6.0.26
> Java jdk 1.5.0_17
> Windows XP SP3
>
>
> I have implemented a JAAS login module for my application and everything
> goes fine except from one thing.
>
> Here are the steps that I am doing:
>
>
> 1)Request a protected resource -> the login form show's up and I enter my
> username and password
> 2) I get into the application and everything looks fine but when I get back
> to the login page and enter my username/password again I get the message:
> (If I refresh the login page immediately when I hit the logout button
> everything goes weel) HTTP Status 400 - Invalid direct reference to form
> login page
> ------------------------------
>
> *type* Status report
>
> *message* *Invalid direct reference to form login page*
>
> *description* *The request sent by the client was syntactically incorrect
> (Invalid direct reference to form login page)*
>
> *
> *
>
> *
> *
>
> *
> *
>
> *Thank you very much!*
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: HTTP Status 400 - Invalid direct reference to form login page!
Posted by "Propes, Barry L " <ba...@citi.com>.
I had that happen periodically for years with my version of TC 4.1.31.
With some folks, we could get it to go away, by cleaning out browser cache. With others, it was the same people that incurred it all the time. They could access "other" protected areas, but not the one.
I ended up making a duplicate non-protected piece for them. For me it wasn't a big deal, because they already were -- in a sense -- in a protected piece to begin with. But it would have been better if it'd worked.
-----Original Message-----
From: Gheorghe Pucea [mailto:george.pucea@gmail.com]
Sent: Thursday, June 03, 2010 9:30 AM
To: users@tomcat.apache.org
Subject: HTTP Status 400 - Invalid direct reference to form login page!
Hello,
I have a problem with my Tomcat instance, I'm using:
Tomcat 6.0.26
Java jdk 1.5.0_17
Windows XP SP3
I have implemented a JAAS login module for my application and everything goes fine except from one thing.
Here are the steps that I am doing:
1)Request a protected resource -> the login form show's up and I enter my username and password
2) I get into the application and everything looks fine but when I get back to the login page and enter my username/password again I get the message:
(If I refresh the login page immediately when I hit the logout button everything goes weel) HTTP Status 400 - Invalid direct reference to form login page
------------------------------
*type* Status report
*message* *Invalid direct reference to form login page*
*description* *The request sent by the client was syntactically incorrect (Invalid direct reference to form login page)*
*
*
*
*
*
*
*Thank you very much!*
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org