[jboss-user] [Security & JAAS/JBoss] - Re: Users bookmarking login.jsp causes problems

kathy90031 do-not-reply at jboss.com
Fri Aug 8 08:20:27 EDT 2008

Yes, our URL pattern is the same, but I'm not sure you were understanding me correctly.  Our pages ARE secure.

If someone bookmarks http://localhost/WebApp/index.jsp

then they are directed to the login page, after they login in (and are authenticated, they are directed to the home page.

If some booksmarks http://localhost/WebApp/login.jsp

they login in and recieve a BAD REQUEST error EVEN THOUGH they are authenticated.  In fact, if they try to go to index.jsp DIRECTLY from the bad request page; they get in.  

I looked at the jboss source code and saw what was happening.  Jboss looks up the request to forward to.  Since the users are coming from login.jsp; this variable returns NULL.  Therefore, Jboss throws the bad request error.

Is there a workaround I can configure instead of code?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169583#4169583

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169583

More information about the jboss-user mailing list