You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Kevin Jones <ke...@develop.com> on 2001/06/18 16:38:31 UTC

Form based Security not working as expected

In the latest nightlies  -

I have a site setup where only part of the site is protected with a logon.
If a user tries to logon and uses the wrong username or password I'd expect
to see the error page, however the user sees the logon page again.

If they then enter the correct logon they see the error page.

If they then try and go back they get a HTTP Status 404 -
/course/j_security_check 'not available' message (/course is part of the URL
they are trying to get to)

This seems to work fine in Beta 3 (the last beta I have setup).

Could somebody check this and confirm I'm not going mad,

thanks,

Kevin Jones
DevelopMentor
www.develop.com