Matt RaibleMatt Raible is a Web Developer and Java Champion. Connect with him on LinkedIn.

The Angular Mini-Book The Angular Mini-Book is a guide to getting started with Angular. You'll learn how to develop a bare-bones application, test it, and deploy it. Then you'll move on to adding Bootstrap, Angular Material, continuous integration, and authentication.

Spring Boot is a popular framework for building REST APIs. You'll learn how to integrate Angular with Spring Boot and use security best practices like HTTPS and a content security policy.

For book updates, follow @angular_book on Twitter.

The JHipster Mini-Book The JHipster Mini-Book is a guide to getting started with hip technologies today: Angular, Bootstrap, and Spring Boot. All of these frameworks are wrapped up in an easy-to-use project called JHipster.

This book shows you how to build an app with JHipster, and guides you through the plethora of tools, techniques and options you can use. Furthermore, it explains the UI and API building blocks so you understand the underpinnings of your great application.

For book updates, follow @jhipster-book on Twitter.

10+ YEARS


Over 10 years ago, I wrote my first blog post. Since then, I've authored books, had kids, traveled the world, found Trish and blogged about it all.

RECENT ENTRIES


Tag Cloud


abbie appfuse birthday denver family grails gwt jack java javascript jhipster jsf linkedin maven roller skiing softwaresummit spring springmvc struts2 travel trish vacation webframeworks wicket
« Roller Searching -... | Main | Out with the old, in... »
Wednesday July 23, 2003

Container Managed Authentication enhancements in Tomcat 5.0.4

When playing around with Tomcat 5.0.4 today, I noticed a couple improvements. I use container-managed security on all my apps, and there were a couple of things that annoyed me about 4.1.x:

  • When the user is routed to the form-login-page, the URL (i.e. "/login.jsp") appears in their browser's address bar. Therefore, when you try to do request.getRequestURL() (to find the URL they originally requested), you're SOL - you get "/login.jsp" instead.
  • I have a 400 (invalid reference to login page) error-page routing to index.jsp (which redirects to /do/mainMenu). This should allow a user to bookmark "/login.jsp" and, once authenticated, they will be routed to the mainMenu. In Tomcat 4.1.x, I get routed back to the login page, and the user has to login again to get to the mainMenu.

I'm happy to report that both of these bugs are fixed in Tomcat 5.0.4. When I'm routed to the login page, the browser's address bar says the URL I requested (/do/mainMenu), rather than "/login.jsp". Also, request.getRequestURL() does return the URL I originally requested, not the login page. This is awesome IMO b/c now users will not bookmark "/login.jsp". And even if they do type it in, my 400 error page routes them to "index.jsp" which goes to the main menu. All of this did not work in 4.1.24 and now it does in 5.0.4. I'm going to start using 5.0.4 for my dev environment. Oh yeah, Roller runs fine on it too. ;0)

Posted in Java at Jul 23 2003, 11:22:50 AM MDT 2 Comments
Comments:

Hello what are the enhancement in Tomcat 5.0.4 comparing with Tomcat 4.x wait for ur response thanking U

Posted by suresh on October 05, 2006 at 11:47 AM MDT #

Having 400 error page doesnt help me. This is what I did. Added <error-page> <error-code>400</error-code> <location>/400.jsp</location> </error-page> 400.jsp has just one line <% response.sendRedirect("index.jsp");%> Now when I try to access /login.jsp I get login page, when I try to login, I get forwarded to 400.jsp which inturn tries to forward to login.jsp again as index.jsp is protected, when I try to enter credentials again, I get the error : HTTP Status 404 - /index.jsp Am I doing anything wrong?

Posted by 69.25.246.40 on October 23, 2006 at 09:20 PM MDT #

Post a Comment:
  • HTML Syntax: Allowed