Hi I use a Form based authentification in web.xml : [...] <login-config> <auth-method>FORM</auth-method> <realm-name>Authentication Area</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/login_failed.jsp</form-error-page> </form-login-config> </login-config> [...]
in login.jsp : [...] <form method="GET" action="j_security_check"> <input type="text" name="j_username"> <input type="password" name="j_password"> </form> [...] authentification works great but after, if i click on the "Back" button of my browser to go back on the login page and i try the authentification again, Tomcat launch a HTTP 404 error on /j_security_check (page refresh don't change anything) in access.log (i protect /pages/* and login form is in /login.jsp): 10.20.0.7 - - [10/Sep/2002:11:01:15 -0500] "GET /pages/home.jsp HTTP/1.1" 302 764 10.20.0.7 - - [10/Sep/2002:11:01:15 -0500] "GET /login.jsp HTTP/1.1" 200 7070 10.20.0.7 - - [10/Sep/2002:11:01:21 -0500] "GET /j_security_check?j_username=bob&j_password=bob HTTP/1.1" 302 764 10.20.0.7 - bob [10/Sep/2002:11:01:23 -0500] "GET /pages/home.jsp HTTP/1.1" 200 5018 here, all is ok , i'm authentified as bob (i think that 302 HTTP return code is a good thing ? servlet redirection ??) now i click on back button and attempt to re-authentifiate bob and ... 10.20.0.7 - bob [10/Sep/2002:11:01:29 -0500] "GET /j_security_check?j_username=bob&j_password=bob HTTP/1.1" 404 734 404 error ... Do you have a solution ? Thanks a lot. (bilingue english/french) -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
