https://issues.apache.org/bugzilla/show_bug.cgi?id=51940

--- Comment #9 from Konstantin Kolinko <knst.koli...@gmail.com> 2011-10-11 13:15:18 UTC ---
1. I tried to test this in trunk, and replaying a POST request fails for me.

Using the following standalone HTML page:
[[[
<FORM action="http://localhost:8080/examples/jsp/security/protected/index.jsp"
method="POST">
<input name="role">
<input type="submit">
</FORM>
]]]

- Configure a sample user with a role of "tomcat" and start Tomcat
- Start a new web browser and load the above page
- Type "aaa" and press submit.
- Respond to FORM authentication.
- The protected page is displayed.
Expected: "You have not been granted role aaaa"
Actual: no such message.

I tried to debug this, but I do not see anything wrong in FormAuthenticator.
The body and method were saved and restored. Request#parametersParsed was
false.

Then, setting a breakpoint in Request#parseParameters() I see that
Request#usingInputStream is true and thus parseParameters() exits early.

This is reproducible in 7.0.22.
This does not happen in 6.0.33 - it replays POSTs correctly.


2. request.getCoyoteRequest().method().setString("GET");
is seen as GET in the access log. Not much of an issue though, as we do not
return what was originally requested by the client anyway.

I think that to fix this one can restore the original method in
FormAuthenticator#forwardToLoginPage(..) when disp.forward() call returns.
