You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/05/26 09:21:04 UTC

DO NOT REPLY [Bug 20233] New: - authentication by form method and confidential transport

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20233>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20233

authentication by form method and confidential transport

           Summary: authentication by form method and confidential transport
           Product: Tomcat 4
           Version: 4.1.18
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: p.maseres@wanadoo.fr


I tried to set up my web-app descriptor to use a form based authentication with 
a confidential "transport guarantee", to make Tomcat switch the logon redirect 
from HTTP to HTTPS. In fact, i'd like to use SSL only for the protected part of 
the application URLs.
The descriptor is accepted as is, but at runtime a "Malformed URL" exception is 
thrown, as if the code that processes the redirect was not SSL aware.
The SSL connector works right when request are addressed directly using HTTPS.
Thanks for any help...
PS : i'd try to search for previous bugs about this feature, but i did'nt find 
any one.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org