DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18005>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18005 Realm authentication "forgets" requested URL Summary: Realm authentication "forgets" requested URL Product: Tomcat 4 Version: 4.1.18 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] To recreate this problem: - Request a page that is protected by realm authentication. You should see the login page. - Allow enough time to elapse that the session expires (usually 30 minutes) - Now try logging in with a valid username and password. You will see an error page with a message to the effect "Direct reference to the login page". Because the session expired, the originally requested URL was lost by the container. This should never happen as it is very frustrating and confusing to the end-user. The obvious solution is to save the URL as a request parameter, rather than saving it in the user's session. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
