[jboss-user] [Security & JAAS/JBoss] - Re: Users bookmarking login.jsp causes problems
kathy90031
do-not-reply at jboss.com
Fri Aug 8 08:20:27 EDT 2008
Yes, our URL pattern is the same, but I'm not sure you were understanding me correctly. Our pages ARE secure.
If someone bookmarks http://localhost/WebApp/index.jsp
then they are directed to the login page, after they login in (and are authenticated, they are directed to the home page.
If some booksmarks http://localhost/WebApp/login.jsp
they login in and recieve a BAD REQUEST error EVEN THOUGH they are authenticated. In fact, if they try to go to index.jsp DIRECTLY from the bad request page; they get in.
I looked at the jboss source code and saw what was happening. Jboss looks up the request to forward to. Since the users are coming from login.jsp; this variable returns NULL. Therefore, Jboss throws the bad request error.
Is there a workaround I can configure instead of code?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169583#4169583
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169583
More information about the jboss-user
mailing list