You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Daniel Germain <da...@hotmail.com> on 2003/12/13 22:30:30 UTC
Session problem?JDBCRealm: Invalid direct reference to form login page
I'm trying to use the JDCBRealm from Tomcat 4.1.27 with an enhydra 5.0
application servlet
and got the following problem "Invalid direct reference to form login page"
which seem to be related to the session management.
>From what I understand, a session is first created (by enhydra SessionMgr)
when browsing unprotected page. Next a protected page is requested and we
are
redirected to the login page but with a new session created by Tomcat 4.1.
The FormAuthenticator will save the initial request in this new session
created by Tomcat 4.1.
The user is then properly authenticated but Tomcat try to retrieve the
initial request
in the initial session created by Enhydra, and it is unable to access it, it
creates
another session and say there is an "Invalid direct reference to form login
page".
REQUEST URI =/enhydra/catalogue/Categories.htm
cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6
header=referer=http://localhost:8080/enhydra/AccueilGeneral.html
header=cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6
requestedSessionId=R3ubmDGE-O571edTbpty5Uu6
---------------------------------------------------------------
Checking constraint 'SecurityConstraint[Protected Area]' against GET
/catalogue/Categories.htm --> true
Save request in session 'C8BC7F93D9808C8C7532B3282C364B14'
Redirect to login page '/enhydra/NewLogin.html'
Failed authenticate() test
---------------------------------------------------------------
cookie=JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14;
domain=null; path=/enhydra
header=Set-Cookie=JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14;
Path=/enhydra
header=Location=http://localhost:8080/enhydra/NewLogin.html
status=302
=============================================================
REQUEST URI =/enhydra/NewLogin.html
cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6
cookie=JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14
header=referer=http://localhost:8080/enhydra/AccueilGeneral.html
header=cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6;
JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14
requestedSessionId=R3ubmDGE-O571edTbpty5Uu6
---------------------------------------------------------------
Checking constraint 'SecurityConstraint[Protected Area]' against GET
/NewLogin.html --> false
Mapped to servlet 'enhydra' with servlet path '' and path info
'/NewLogin.html' and update=true
---------------------------------------------------------------
contentType=text/html; charset=ISO-8859-1
status=200
=============================================================
REQUEST URI =/enhydra/j_security_check
cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6
cookie=JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14
header=referer=http://localhost:8080/enhydra/NewLogin.html
header=cookie=JSESSIONID=R3ubmDGE-O571edTbpty5Uu6;
JSESSIONID=C8BC7F93D9808C8C7532B3282C364B14
requestedSessionId=R3ubmDGE-O571edTbpty5Uu6
---------------------------------------------------------------
Security checking request POST /enhydra/j_security_check
Authentication of 'dan' was successful
Redirecting to original 'null'
Failed authenticate() test
---------------------------------------------------------------
cookie=JSESSIONID=91AD787C623278EF332FE2235EAB5451;
domain=null; path=/enhydra
header=Set-Cookie=JSESSIONID=91AD787C623278EF332FE2235EAB5451;
Path=/enhydra
message=Référence directe à la form de connexion (form login
page) invalide
remoteUser=null
status=400
=============================================================
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org