Meaningless Drivel is fun!*
The moose likes Tomcat and the fly likes Form Authentication Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Form Authentication Security" Watch "Form Authentication Security" New topic
Author

Form Authentication Security

Kevin Devenney
Greenhorn

Joined: Jul 31, 2002
Posts: 5
Hi, I have been using the form base security form one of my web apps and I'm coming across a problem that randomly happens to various users.
The problem is when a user goes to the logon page, they login using the correct details but then get redirected to the "sorry - can't log you in" fail page. if i then login with the same details on another PC, this works fine. also if i restart the tomcat server and login on the pc that originally had the problem this will works fine. Like i said it is a random problem! Does anyone know of any caching issues with the form-based security, or have any other ideas what the problem might be?
Thanks
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

We had some wierdness with Websphere, but I don't think it was the same issues.
However, I do recommend using something that lets you watch the HTTP traffic. We tend to use HttpInspector.
This will let you make sure that the problem isn't in the session cookies or other http-side of the authentication process.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Form Authentication Security
 
Similar Threads
Redirect to the requested page failed using form-based authentication
Invalid direct reference to form login page
Security
Realm question
Issue with the Safari browser