Hi,

I am facing this problem while using Tomcat Managed security.

I am using the JAASRealm and my own LoginModule ... works
smoothly. It authenticates as well as authorizes.

BUT, when a user has logged in from one computer, the another user
cannot login unless the first user logs out first ... Cookies at work !

When I disable the cookies however, things stop working.

If the Authentication fails at JAASRealm , I am thrown out to the
proper error page I declared in Web.xml.

But if the Authentication succeeds, (which I can ascertain from the
logs) I get a 404 error saying... the resource
http://myhost/myapp/j_security_check is not available.

I cant find out why this happens since I can "see" the JSESSIONID
being appended into the request when cookies are disabled.

Plz help or point in the right direction if the same has happened
with someone.

Thanks in advance,

--
Gagan.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)