-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dick,
On 3/27/2011 6:57 PM, Dick Eastlake wrote: > Konstantin Kolinko said: >> and you are >> certainly missing closing ">" from the <input> tag > > Yup, I mistakenly deleted it trying to clean up the email > > <td width="147"> > <input tabindex="1" type="text" > name="j_username" value=" > <% > out.print(dlb.getEmail() + "\""); > %> > </td> It's still missing. :( I would venture a guess that all that whitespace in the "value" attribute is going to be problematic at some point, too. I would also make sure to use an absolute URL for your <form> element like this: <form method="POST" action="<%= response.encodeURL(request.getContextPath() + "/j_security_check")) %>"> It's obviously not causing a problem, now, but it will if you re-locate the login page and, depending on other factors, if you re-locate your webapp. > Here's the access log the entries at 15;34 are using Firefox, the > ones at 15:42 are Google's browser NB: it's called "Google Chrome". > 69.207.4.57 - - [27/Mar/2011:15:34:16 -0700] "GET > /Dynacorn/catalog/dealerwelcome.jsp HTTP/1.1" 200 1870 > 69.207.4.57 - - [27/Mar/2011:15:34:27 -0700] "POST > /Dynacorn/catalog/authControl.jsp HTTP/1.1" 302 - > 69.207.4.57 - - [27/Mar/2011:15:34:27 -0700] "GET > /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1893 > 69.207.4.57 - - [27/Mar/2011:15:34:30 -0700] "POST > /Dynacorn/catalog/dealer/j_security_check HTTP/1.1" 302 - > 69.207.4.57 - s...@sor.com [27/Mar/2011:15:34:30 -0700] "GET > /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 500 2158 > 69.207.4.57 - - [27/Mar/2011:15:42:14 -0700] "GET > /Dynacorn/catalog/dealerwelcome.jsp HTTP/1.1" 200 1870 > 69.207.4.57 - - [27/Mar/2011:15:42:20 -0700] "POST > /Dynacorn/catalog/authControl.jsp HTTP/1.1" 302 - > 69.207.4.57 - - [27/Mar/2011:15:42:20 -0700] "GET > /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1893 > 69.207.4.57 - - [27/Mar/2011:15:42:23 -0700] "POST > /Dynacorn/catalog/dealer/j_security_check HTTP/1.1" 200 676 What were the 676 bytes returned to Google Chrome after j_security_check was requested? Servlet container-managed security requires a protected resource to be requested in order to show the login page and then invoke j_security_check. Is the protected resource "/Dynacorn/catalog/authControl.jsp"? If so, it's possible that the POST size is exceeding the maximum allowable cached POST size during login. Any idea how many bytes are being POSTed there? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk2TSbgACgkQ9CaO5/Lv0PAt0QCghyzZ7ZoXJFI2aa6VY2zwH2rV /ioAoLTvrWuyVLIIkdFBeCgWUzlW1APP =HCpU -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org