Hi I need some input on pro & con with using redirect instead of requestdispatcher. I heard someone mention something about firewall issues or other security concerns ....
The reason i'm asking is that i have a problem making my requestdipatcher work, while the redirection works just fine. I use a filter that checks for a valid session before giving access to a restricted area. If there is no valid session i use the requestdispatcher to forward it to the login page. But when it does that it looks for the login page files in the wrong place. Let me give an example: My app area is on "https://localhost/sec/ My secure area is on "https://localhost/sec/secure/ Whenever i request something in the secure area, without a valid session, i want the request to be forwarded back to my app area. So far it works, but the references to html and jsp within that index.jsp gets an extra /secure/ added to the when requesting the files. This makes it look for https://localhost/sec/secure/someloginpage.jsp instead of https://localhost/sec/someloginpage.jsp . This is the problem, hence it does not find the files. The extra "/secure" is the url-pattern that triggers my filter. Yes, i know i could use form based authentication, but i have a proprietary loginfunctionality that can't be done with j_security_check I will be happy for any comment or suggestion. regards Abid --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
