Is there any way to avoid passing previous request query string parameters to authentication forward call in tomcat?

Asked Jul 17 '23 at 06:47

Active Jul 17 '23 at 06:47

Viewed 9 times

i have below login configuration in my web-app/WEB-INF/web.xml

<login-config>
        <auth-method>CUSTOMFORM856</auth-method>
        <form-login-config>
            <form-login-page>/myAuthenticator</form-login-page>
            <form-error-page>/myAuthenticator</form-error-page>
        </form-login-config>
    </login-config>

i have the case that after session expired user tries to click on UI(reloads widget in web-app) then request (/loadWidget?method="loadLayout") send to tomcat server since session expired this request forwarded to (/myAuthenticator)as per web.xml login-config

while forwarding (/loadWidget?method="loadLayout") to (/myAuthenticator) query string param(method="loadLayout") also passed to (/myAuthenticator) request

is there any way to avoid passing previous request query param to authentication forward call ?

asked Jul 17 '23 at 06:47

7575 mohan

Is there any way to avoid passing previous request query string parameters to authentication forward call in tomcat?

0 Answers0