Tomcat 5 is a stable release now? Yaakov Chaikin Software Engineer BAE SYSTEMS 301-838-6899 (phone) 301-838-6802 (fax) [EMAIL PROTECTED]
> -----Original Message----- > From: Adam Hardy [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 5:10 AM > To: Tomcat Users List > Subject: Re: How to prevent direct access to login.jsp > > On 12/08/2003 11:59 PM Chaikin, Yaakov Y (US SSA) wrote: > > I realized that my user can mess himself by bookmarking the login page > > he is asked to log in. The login.jsp appears in the URL address in the > > browser... > > > > Does anyone know how to avoid this? How do I block that URL for the user > > and not for the server? > > Hi Yaakov, > I think the best way to deal with this situation is to configure tomcat > to catch the error status 403 or whatever it is and then serve up an > error page with a calm, logical explanation of why they shouldn't do that. > > Or upgrade to tomcat 5. > > > Adam > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]