On 26.02.2009, at 20:13, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Marcel,
On 2/26/2009 10:21 AM, Marcel Stör wrote:
If I request a protected URL (manually clicking
link, AJAX request, etc.) *after* the session has timed out I
expect an
automatic forwarding to the login page. As I could see while
debugging,
the request dispatcher does indeed issue a forward() to the login
page
but nothing happens.
Error logs? HTTP dump? Note that Tomcat 5.0 has been unsupported for
quite a while. I recommend planning an upgrade SOON.
I'll gather some more information...
I know. It's just that Google's GWT setup for local development ships
with 5.0.28 embedded. We don't use 5.0 in production, don't worry.
I'm sure either, I saw it in some tutorial. Since I don't have a role
table (right, JDBCRealm complains about that, but whatever...) it
basically means that I don't use role based access.
Technically speaking, no roles defined = no access. Practically
speaking, I don't believe Tomcat forces any roles to be defined when
"*"
is the role-name required by the security-constraint.
No, I only mentioned this because Tomcat throws an SQL exception
because it tries to query a table called "" if I don't specify a role
table in the realm config in context.xml
Regards,
Marcel
--
Marcel Stör, http://www.frightanic.com
Blog: http://frightanic.wordpress.com
Couchsurfing: http://www.couchsurfing.com/people/marcelstoer
Skype: marcelstoer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org