struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laurie Harper <>
Subject Re: login problem
Date Tue, 03 Jun 2008 19:16:27 GMT
Anet wrote:
> Hi
> I have a problem with "security-constraint" in tomcat 5.5. I use struts 1.2.
> when we used tomcat 4.1.29, there were no problem with pages needed login.
> with tomcat 5.5.17, I had to put role-names into my web.xml file to solve login problem.
> But now I have another problem. 
> I have a form... needs login to be accessed.
> the user logins successfully.the form is shown to him.
> (in the code, saveToken() called )
> now he fills the form,but leaves his work,=&gt;his session expired...
> the user comes back.puts the submit button and redirects to login page.
> he logins...and the process of submit should be done.
> (in the code, isTokenValid(Request) called and returns false....)
> it is expected to continue the process...
> I didn't have this problem while using tomcat 4.1 .
> Would you mind help me for it? I have no idea...

If I understand you correctly, you are using container managed security 
and seeing an inconsistency in behaviour between Tomcat 4.1.29 and 
5.5.17. Struts is not involved in CMS processing in any way, so I would 
suspect a Tomcat and/or configuration problem.

Does it work as you expect if you take out the saveToken / isTokenValid 
stuff? If that fixes the problem, there may be Struts-related issue 
here. Otherwise, you should probably pursue this on the Tomcat forums.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message