Re: HTTP 400 with Form based authentication

Christopher Schultz Mon, 31 Aug 2015 11:15:06 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mark,


On 8/31/15 2:01 PM, Mark Thomas wrote:
> On 31/08/2015 18:49, Christopher Schultz wrote:
> 
>> Really the only thing the servlet spec is missing is a setting
>> in <form-login> like <default-landing-page> or something like
>> that, so that if you try to login with j_security_check and you
>> hadn't already requested a protected resource, the container
>> knows where to send the user after authentication.
> 
> And that is a feature Tomcat provides as an extension to the FORM 
> authenticator.

Yeah... I thought I remembered doing that but I couldn't find the
reference to it and I'm fairly busy today :)

Thanks for the reference.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJV5Jl9AAoJEBzwKT+lPKRYmQEP/2d0tmw48jatl/Q3HoXhSvCn
W13Rr4/7t0GlgxtHfHKzv68XA8EnzvcpWg/aYnN+xSUZ4dbNcdVOjYU6SpR/bDRI
Cg0zLnr/KccTKpd6OuSxzczWSc6OEVviIPthFATb9R6ooPJ/sS3AR5Be6wKjbeCD
yAQZCQXMfBHDd39Zi6FWmWX4D0PJ8xht9Wq7bwrTup5Wpri8VRkQtQWoCzjcWCK5
hxweWqyFy0d0FCUFm+BK1DtoO3OlLpnDLTc1qRENlfrQ+x1aMzb0n77fFI5lKrPw
y4jugfuFgFN/Q3DLAdRgysii6hWLT2Ymt6bIxDYX9QzKNmf12KtwqoeyHxVP4so7
/jUoEqnT4m8Twef6tBZ7XIBWwLJiYTEavA1nalIIa8VMniLb0pZBwfkBD7bA13Ln
fMHfDWEkJ4mADn9cCAzKRXYEAXlOheDpErEtXmLb+RZA/2th+0hgpPo3KzDu4YRq
h7CCvC1/OBNu4WRIC1FBTQoacZHlpol/AWAecXVoHY85349L+UHcpVIrgLMQsKtP
VGJI2aM5oDAiAf2v3AXVXhwvDbuBZfbrbgmiVzviNW9seKtLnz6lAA49uo0sceAf
g6EQj/B3coUWHszmZpCh2W4iiSaEqDMntZl03a2NqwBdTa9+ShbFktOu7JfrX3bo
zuoqrRYFZi25hAE7/Xfw
=8MYf
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: HTTP 400 with Form based authentication

Reply via email to