On 17/06/2013 16:00, ma...@apache.org wrote:
Author: markt
Date: Mon Jun 17 15:00:56 2013
New Revision: 1493801
URL: http://svn.apache.org/r1493801
Log:
Servlet 3.1. If GET is not protected but other methods are, the redirect after
authentication (that now always uses a GET) fails. Because it is unprotected it
is not passed to the FORM authenticator for processing (where the original
request would be restored).
Need to check how Tomcat 7.0.x handles this. It might be different
because of the 302/303 differences but I suspect not.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
