force login to not go to url maintained in session

**Scott Battaglia** · Nov 22nd, 2004, 10:30 AM

Is there a way to disable the feature that if the last url is known (i.e. you were logged into the app already) upon reauthentication you will redirected to that url. I would like to always go to the URL defined in the config. I couldn't find a way to turn it off though.

Thanks

**Alef Arendsen** · Nov 22nd, 2004, 12:36 PM

AFAIK, this is not part of the specification.

I've searched for a while and couldn't find a defnitive solution to this problem. Search Google for 'post-authentication servlet' and you'll find some references and mails on the tomcat-user list I believe, maybe they'll be useful to you.

At first I though it might be possible to do this by detecting if the session associated with the request is new (and if so, check if the appropriate page is going to be displayed), but there's not preventing the container from keeping track of the principal another way...

Alef

**Ben Alex** · Nov 22nd, 2004, 03:24 PM

I've just committed an improvement to AbstractProcessingFilter which has a new property, alwaysUseDefaultTargetUrl. I think the property name gives it away.

**Scott Battaglia** · Nov 22nd, 2004, 08:48 PM

Awesome....that's exactly what I was looking for

I was actually going to do that

Thanks!

Thread: force login to not go to url maintained in session

Thread Tools

Display

force login to not go to url maintained in session

Similar Threads

OpenSessionInView and portlet support

OpenSessionInView + CMT Session usage

Why are new sessions created with OpenSessionInViewFilter?

OpenSessionInViewInterceptor called but session flushed

Hibernate Session Per Request Problem with CMT EJB

Posting Permissions