You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Vinh Tran <vi...@processintelligence.com> on 2003/06/03 20:04:05 UTC

Container Managed Authentication

All:

I am using CMA with Tomcat4/Apache1.3. I have a form-based login page
pointed at j_security_check. When a user submits the form the username and
password is shown in the statusbar of the browser. Also, there is a log
entry in the Apache logs that display this same URL that with
username/password information.

Is there anyway to avoid the URL being displayed, and more importantly, is
there a way to not log the login request?

Thanks, Vinh.