Hi Matt,
unfortunately (for me), the demo application works fine with my browsers.
However, for my application I found the solution:
in AppFuse 1.9.3, the HTML-Form for xxapp/editProfile.html is created by the
following code in userForm.jsp:
<form method="post" action="<c:url value="/editUser.html"/>"
id="userForm" onsubmit="return onFormSubmit(this)">
which results in the following HTML:
<form method="post"
action="/myapp1/editUser.html;jsessionid=97CCF65E7E617563C6CF950D88CF00C6"
id="userForm" onsubmit="return
onFormSubmit(this)">
in AppFuse 1.9.4, the HTML-Form is created by the following code in
userForm.jsp:
<form:form commandName="user" method="post" action="editUser.html"
onsubmit="return onFormSubmit(this)" id="userForm">
which results in the following HTML:
<form id="userForm" method="post"
action="editUser.html" onsubmit="return
onFormSubmit(this)">
The missing jsessionid seems to cause the nuisance login requirement.
<c:url> does not work within <form:form> but I found a
http://forum.springframework.org/showthread.php?t=25820 solution in the
Spring Forum . The working code for userForm.jsp looks like this:
<c:url value="/editUser.html" var="targetURL"/>
<form:form commandName="user" method="post" action="${targetURL}"
onsubmit="return onFormSubmit(this)" id="userForm">
While I understand why it is important to present the jsessionid for other
reasons, I still dont understand why the application is not just accepting
the previous login via the ACEGI_SECURITY _HASHED_REMEMBER_ME_COOKIE?
I appreciate any further comments!
--
View this message in context:
http://www.nabble.com/nuisance-re-login-tf2702447s2369.html#a7598587
Sent from the AppFuse - User mailing list archive at Nabble.com.
