Intermittently, I am seeing the following behavior. I enter the URL, and my login form appears. I submit the form, and my login form reappears with the text fields now blank. If I ignore the second re-appearance of the login form, and instead enter my web site's URL, I am served the home page for my web site. If I don't ignore the second appearance of the login form, and instead fill it out (again) and submit it, I get a 404 error message telling me that the requested resource (j_security_check) is not available.
Since this is an intermittent problem, I have at other times tried to access the URL, got the login page, filled it out and submitted it, and then am served my site's home page as expected. However, right now I am more likely to get served the login page twice than for things to go smoothly.
I have tried using a login form that is a jsp file, without restricting access to such files, and as you can see, right now I am using a .htm file for the login file, while restricting access to .html files. In either case, I get this intermittent problem.
By the way, when I moved the site from my laptop to a test server running an earlier version of Tomcat, the problem almost completely disappeared.
[ February 06, 2008: Message edited by: deb platt ] [ February 11, 2008: Message edited by: Bear Bibeault ]
Joined: Jan 23, 2008
Since my original post, I have tried going through the authentication process repeatedly using the Internet Explorer browser. Using IE, everything works as it should: I'm shown the login form, I am authenticated, I am shown the home page.
When I try to access my site using firefox, I am shown the login form, I am authenticated, I am shown a newly empty login form again.
Could this be a bug in firefox or tomcat? I am still a greenhorn, so in general I assume that any problems I encounter reflect some lack of understanding on my part. However, in this case I don't understand why authentication is working as expected under IE, but not firefox.
Joined: Jan 23, 2008
It turns out that it was a bug in Tomcat, bug 43687. A patch which fixed the problem became part of Tomcat, release 6.0.16, which was just released several days ago.
Apparently the intermittent nature of the problem which I originally reported was due to using different browsers. [ February 11, 2008: Message edited by: deb platt ]
subject: Form authentication restricting access to login form?