You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/03/14 18:58:28 UTC
DO NOT REPLY [Bug 18005] New: -
Realm authentication "forgets" requested URL
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18005>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18005
Realm authentication "forgets" requested URL
Summary: Realm authentication "forgets" requested URL
Product: Tomcat 4
Version: 4.1.18
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: jswap@yahoo.com
To recreate this problem:
- Request a page that is protected by realm authentication. You should see the
login page.
- Allow enough time to elapse that the session expires (usually 30 minutes)
- Now try logging in with a valid username and password. You will see an error
page with a message to the effect "Direct reference to the login page".
Because the session expired, the originally requested URL was lost by the
container. This should never happen as it is very frustrating and confusing to
the end-user. The obvious solution is to save the URL as a request parameter,
rather than saving it in the user's session.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org