I have Tomcat (7.0.12) running behind Apache (2.2.17) server with Tomcat Connector JK 1.2.32.
I'm newbie with Apache-Tomcat connector: So, I made a very simple web application and deployed it in Tomcat webapps, with the following structure:
The "WebContent/index.jsp" page has two links: a link to "WebContent/internal/internal.jsp", and the other one to "WebContent/articles/index.html".
The "WebContent/internal/" directory is protected by the following security constraint in the web.xml file:
Also, I declared in the web.xml file:
And in the tomcat-users.xml file, I set:
I can get the entry page with the "http://localhost/AppPrefix/index.jsp" URL through Apache server.
When I make click in the internal.jsp link, I get the login.jsp page. That's wright.
But when I submit the credentials (username: xx / password. yy), I get a blank page (with http://localhost/Andromeda/internal/j_security_check in the URL bar), instead of the internal.jsp page.
If I access to entry page with "http://localhost:8080/AppPrefix/index.jsp" URL, (skipping Apache server,) I can get the internal.jsp page when I submit the credentials.
Also, if I delete the security constraint, the web application works fine.