On Thu, 21 Jun 2001, Craig R. McClanahan wrote:
> > If the login page would be displayed all the <a href="" /> or <img> in the
> > login page will be treated by the browser as relative to
> > /mywebapp/private, while the login page can be somewhere else.
> >
>
> The form login page should use server-relative URLs, or a <base> tag
> in the <head> section. That way, the initial display of the login page
> will work correctly even on a container that does (what amounts to) a
> RequestDispatcher.forward() to the login page.
Should != must.
AFAIK there is no restriction on what is allowed in a login page - except
the use of special name for the action and variables.
That mean a page using relative URLs is legal, and the container must deal
with it. ( I don't know too many pages using the <base> tag anyway, and
relative URLs are prefered in many cases - I would say they are far more
frequent than server-relative URLs ).
Costin
