[Bug 46902] LoginValve to bypass restrictions of j_security_check

2015-02-05 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #7 from Christopher Schultz --- As much as I like this kind of capability (particularly the addition of "landingPage" and something like the proposal to add "forceLandingPageAfterAuth"), I don't think is belongs in Tomcat becaus

[Bug 46902] LoginValve to bypass restrictions of j_security_check

2015-02-05 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 46902] LoginValve to bypass restrictions of j_security_check

2015-02-05 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #5 from Konstantin Kolinko --- (In reply to Mark Thomas from comment #4) > I don't think that this Valve is generic enough to include in Tomcat. Agreed. > > I believe an additional option of > "forceLandingPageAfterAuth" that

[Bug 46902] LoginValve to bypass restrictions of j_security_check

2015-02-05 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #4 from Mark Thomas --- Getting back to this after far too long. I understand the problem you are trying to solve but I don't think that this Valveis generic enough to include in Tomcat. My largest concern is that the requireme

DO NOT REPLY [Bug 46902] LoginValve to bypass restrictions of j_security_check

2009-05-07 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #3 from Gregor Schneider 2009-05-07 04:16:18 PST --- Chris, On Thu, May 7, 2009 at 4:07 AM, Christopher Schultz wrote: > > A few questions: > Chris, maybe you'll get the hang of this Valve if I explain the business-requi

DO NOT REPLY [Bug 46902] LoginValve to bypass restrictions of j_security_check

2009-05-06 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #2 from Christopher Schultz 2009-05-06 19:08:09 PST --- A few questions: 1. Why can't the "redirectAfterAuth" path be within the protected space? 2. Why do you check to see if the request URI /startsWith/ the redirectAf

DO NOT REPLY [Bug 46902] LoginValve to bypass restrictions of j_security_check

2009-03-24 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 Gregor Schneider changed: What|Removed |Added CC||rc4...@googlemail.com -- C

DO NOT REPLY [Bug 46902] LoginValve to bypass restrictions of j_security_check

2009-03-24 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 --- Comment #1 from Gregor Schneider 2009-03-24 08:15:03 PST --- Created an attachment (id=23410) --> (https://issues.apache.org/bugzilla/attachment.cgi?id=23410) Patch-file for Tomcat 6.0.x-trunk Added patch for Tomcat 6.0.x-trunk

DO NOT REPLY [Bug 46902] LoginValve to bypass restrictions of j_security_check

2009-03-24 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=46902 Gregor Schneider changed: What|Removed |Added Summary|LoginValave to bypass |LoginValve to bypass