2 Replies Latest reply on Sep 4, 2008 2:38 PM by kerryjordan

    Tomcat/JBoss Web Authentication Bug

    kerryjordan

      There was a form-based authentication bug in Tomcat 6.0.10 code that was corrected in version 6.0.14. In particular, a FireFox user would be displayed the login form again instead of the correct requested resource AFTER authentication was successful. This was reported as Tomcat Bug 43687 (https://issues.apache.org/bugzilla/show_bug.cgi?id=43687).

      As I understand it, my implementation of JBoss (4.2.2.GA) uses JBoss Web 2 which is almost identical to the Tomcat 6.0.10 code and duplicates the Tomcat bug discussed above. How do I upgrade the JBoss Web 2 implementation to include the Tomcat 6.0.14 fix I need?

      Thanks,
      Kerry