Hi list, Is it possible to inspect/manipulte the value of j_uri after it has been posted to j_security_check and before it's acted upon on a successful authentication? It has been suggested to us that parameter-based redirection is something of a security risk, so if we can ensure that the value of j_uri when posted conforms to certain guidelines it would keep people happy.
rgds, Richard Richard Grantham Development ------------------------------- rgrant...@limehousesoftware.co.uk Limehouse Software Ltd DDI: (020) 7566 3336 Main: (020) 7566 3320 Fax: (020) 7566 3321 Limehouse Software Ltd Bridewell Gate 9 Bridewell Place London EC4V 6AW Check out Limehouse Software's innovative solutions www.limehousesoftware.co.uk - Transforming the way you publish and consult on information The information contained in this e-mail or in any attachments is confidential and is intended solely for the named addressee only. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, please notify Limehouse Software Ltd immediately by returning this e-mail to sender or calling 020 7566 3320 and do not read, use or disseminate the information. Opinions expressed in this e-mail are those of the sender and not necessarily the company. Although an active anti-virus policy is operated, the company accepts no liability for any damage caused by any virus transmitted by this e-mail, including any attachments. _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest