Hi Nicolas, I believe I have successfully re-produced your problem in my environment.
In article <[EMAIL PROTECTED]>, Mon, 24 Sep 2007 12:47:27 +0000 (UTC), Nicolas Clemeur <[EMAIL PROTECTED]> wrote: nclemeur> I am having some difficulties to setup cactus tests using nclemeur> tomcat > 5.5.20 (Everything works fine with 5.5.20). nclemeur> I am using form authentication in cactus tests (as described nclemeur> on the cactus web site). When I look at the generated request, nclemeur> I get the authentication layer called with all the parameters nclemeur> needed for the test (service name, class,...), but when the nclemeur> request for the actual test is generated it is missing all the nclemeur> parameters to run the test. So I am suspecting something must nclemeur> have change in tomcat (nothing has changed in the cactus nclemeur> environment) in the way the authentication calls are handled nclemeur> in tomcat post 5.5.20 (I have tried 5.5.23 and 5.5.25). I reviewed the difference between source codes of Tomcat of versions 5.5.20 and 5.5.23. My understanding at this moment is as follows: It seems behavior of Tomcat have been changed so that the request just after the authentication (i.e. j_security_check) would be replaced by a cached request which did arise the authentication. The FormAuthentication class of Cactus sends a request without parameter for an authentication (i.e. to obtain a JSESSIONID which is associated with the user principal). Tomcat caches the request and would replace the next request (just after the authentication) internally by the cached one, even if the client-side of Cactus sent the request with parameters to run test. Then, the ServletRedirectorSecure receives the cached-request without parameters which causes an error. As the behavior cannot be controled by some configuration of Tomcat, Cactus should be changed to adopt. I have modified the FormAuthentication class so that the form authentication would work with both Tomcat 5.5.20 and 5.5.23. I'll post the (dirty ;-<) code later. ---- Kazuhito SUGURI --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]