https://issues.apache.org/bugzilla/show_bug.cgi?id=45710
--- Comment #2 from Kamal <[EMAIL PROTECTED]> 2008-09-09 09:23:53 PST --- Thanks Mark. I found the problem with my code where we retrieve the Jsessionid using an URL (that does include parameters) and the first request after the Jsessionid (authenticated using j_security_check) includes the parameters. Obviously, the request URLs are different now and the Tomcat 5.5 restores the URL (redirect Location) with no parameters that was used to retrieve the Jsessionid from the server. In short, the approach I used is as follows (might help others looking for a solution) App A uses Form Authentication 1) Call the App A (running in Server 1) through URL (say with parameters) from App B (running in server 2) 2) The server returns the response with Jsessionid (iterate the headers/cookies to retrieve one) 3) Append the Jsessionid to the j_security_check along with username/password and the response header returns the same Jsessionid (authenticated by server) 4) Now, call the App A again with the same URL we used in Step 1. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
