Re: Mysterious request edirect with value exchange

Tue, 20 Dec 2011 13:39:34 -0800 

On 20.12.2011 15:07, uwe.hellm...@t-systems.com wrote:

It is a webformular.

The java code should this fragment.

final String username = req.getParameter("username");
     String uParam = "";
     if (StringUtils.isBlank(username) == false) {
       uParam = "&u=".concat(username);
     }
     logonFilter.setLoginFailedUrl("/action?login_error=1".concat(uParam));


So what about "logonFilter". Are the instances shared between requests?
In addition: as Konstantin already wrote, you can activate the Tomcat access log and add "%{Location}o" to the pattern. This will log your redirect URLs directly in the Tomcat access log. That way you can check, whether the redirect is already wrong there and if yes ignore all components in front in the root cause analysis.
If the login precedure is simple you can write a simple JMeter test script and stress the test system with concurrent requests. JMeter can also be configured to check the redirect for the correct URL. 

Regards,

Rainer



-----Ursprüngliche Nachricht-----
Von: Chema [mailto:demablo...@gmail.com]
Gesendet: Dienstag, 20. Dezember 2011 15:04
An: Tomcat Users List
Betreff: Re: Mysterious request edirect with value exchange


This result is as expected, but from time to time we saw the
following URL string returned
http://mytestsystem/login.action?login_error=1&u=OtherUser although
we sent the form with Tester as value away. But now in the input
field it is also OtherUser set.


One question
How the returned URL is built ? Where is stored username ?

Thanks

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to