More info: Pre-existing bug in bugzilla, 10229. It seems to be a connector issue. As the bug states, I can use the old org.apache.catalina.connector.http.HttpConnector and get the desired correct behavior. Since the Coyote Connector is used widely and is the default, any chance of getting this fixed soon? This happens on both the HTTP and JkHandler of Coyote.
(I'll go vote on the bug now, if it helps...) :-) Jeff Tulley ([EMAIL PROTECTED]) (801)861-5322 Novell, Inc., The Leading Provider of Net Business Solutions http://www.novell.com >>> [EMAIL PROTECTED] 3/27/03 3:30:40 PM >>> I think I've found a fairly important place where Tomcat is not spec compliant. I think there is code in there to make this work, but the code must have a bug. The spec part is: SRV 12.5.3, actually in J2EE.12.5.3.1 Login Form Notes: .. If the form based login is invoked because of an HTTP request, the original request parameters must be preserved by the container for use if, on successful authentication, it redirects the call to the requested resource. .. I have shown that this is not working using the following process: Create a simple jsp, "formHandler.jsp", put it in a protected app (I used Tomcat's admin): <html> <body> <% String color = request.getParameter("Color"); %> Your color is: <%=color%> </body> </html> Create a simple form somewhere outside of there: <html> <body> <form action="/admin/formHandler.jsp" method="post"> <input type="text" name="Color" value="red"> <input type="submit" name="Submit"> </form> </body> </html> If you submit the form while there is a current valid login to the admin application, your formHandler jsp outputs the correct parameter information. If you submit the form while not authenticated to the application, you are redirected to the login page. After you enter valid credentials, you are redirected to the formHandler.jsp, which outputs "Your color is: null" It has lost the original request parameters even though it appears that org.apache.catalina.authenticator.FormAuthenticator, restoreRequest tries to restore these. Can somebody else verify that they see this, and should I submit a bug? It seems that this is very important and needs to be fixed. This is on Tomcat 4.1.18, and I just verified it is still there on Tomcat 4.1.24 Jeff Tulley ([EMAIL PROTECTED]) (801)861-5322 Novell, Inc., The Leading Provider of Net Business Solutions http://www.novell.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
