...new info

1) Two WAR's both using struts (lots of Forwards)...All kinds of problems!

WAR1 is the main entry point, it contains the login page/error page in an unsecured dir (not realy required as Tomcat allows access to these no matter what the security is) and everything else is secured.

WAR2 contains a complete struts application. Everything is secured.

a) Without SingleSignOn it all works as expected. I.e. I get the login screen when I hit WAR1 and another (WAR2's) when a URL takes me to WAR2.
b) With SingleSignOn I lose images(broken) and get 'Access Denied' even on pages inside WAR1...


2) A 'standard' (no struts) WAR0 is added as the Main entry point. This WAR has links to WAR1 and WAR1 (as above) has links to WAR2.
a) Without SingleSignOn I get challenged when I hit WAR0 and then again when I hit WAR1, however I do not get challenged for WAR2?????!!!!!
b) With SingleSignOn it all works as expected...???


Can anyone shed any light on what is happening in these scenarios?


Lewis