<p>
Hi all. I've a web application running under tomcat 5.0.28. Sometimes,
after a couple of days of 24h running of the server, suddenly it
becames impossibile to log in the application, until Tomcat is
rebooted. I tried to look at the access log files, and noticed
this:<br>
<br><br>
CORRECT LOGIN<br>
<br>
192.168.20.145 - - [11/Nov/2006:07:25:17 +0100] "GET / HTTP/1.1" 200
2250<br>
192.168.20.145 - - [11/Nov/2006:07:25:17 +0100] "GET
/styles/default.css HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:17 +0100] "GET
/Utility/funzioni.js HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:17 +0100] "GET /images/sfondo.gif
HTTP/1.1" 304 -<br>
/images/logo.gif HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "POST /auth/auth.jsp
HTTP/1.1" 200 1767 <-- Here user clicked on the button to
authenticate<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "GET
/styles/default.css HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "GET
/Utility/funzioni.js HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "GET /images/logo.gif
HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "GET /images/sfondo.gif
HTTP/1.1" 304 -<br>
192.168.20.145 - - [11/Nov/2006:07:25:25 +0100] "GET /menu/menu.jsp
HTTP/1.1" 200 10296 <-- Here user is authenticated and
redirected to the main page<br>
<br><br>
INCORRECT LOGIN<br>
<br>
192.168.20.132 - - [11/Nov/2006:22:23:03 +0100] "GET / HTTP/1.1" 200
2250<br>
192.168.20.132 - - [11/Nov/2006:22:23:03 +0100] "GET
/styles/default.css HTTP/1.1" 200 6834<br>
192.168.20.132 - - [11/Nov/2006:22:23:04 +0100] "GET
/Utility/funzioni.js HTTP/1.1" 200 5233<br>
192.168.20.132 - - [11/Nov/2006:22:23:06 +0100] "GET /images/sfondo.gif
HTTP/1.1" 200 51<br>
192.168.20.132 - - [11/Nov/2006:22:23:06 +0100] "GET /images/logo.gif
HTTP/1.1" 200 3365<br>
192.168.20.132 - - [11/Nov/2006:22:23:14 +0100] "POST /auth/auth.jsp
HTTP/1.1" 200 1767<br>
192.168.20.132 - - [11/Nov/2006:22:23:14 +0100] "GET
/styles/default.css HTTP/1.1" 304 -<br>
192.168.20.132 - - [11/Nov/2006:22:23:14 +0100] "GET
/Utility/funzioni.js HTTP/1.1" 304 -<br>
192.168.20.132 - - [11/Nov/2006:22:23:14 +0100] "GET /menu/menu.jsp
HTTP/1.1" 302 -<br>
192.168.20.132 - - [11/Nov/2006:22:23:14 +0100] "GET /index.jsp
HTTP/1.1" 200 2250<br>
<br><br>
As you can see, during a correct login, after the POST the response is
a GET of menu.jsp with status code 200. During an incorrect login,
instead, the response is a GET of menu.jsp with status code 302,
followed by a GET of index.jsp. The result is that, if I don't reboot
tomcat, it is impossible to log in the application and everytime I try
to log in, I am redirected to the authentication form (index.jsp).<br>
<br>
This is the form in index.jsp:
<tt>
<form name="access" action="auth/auth.jsp" method="post"
onSubmit="return CheckFields();">
<p>
<label>Login</label>
<input type="text" name="username">
</p>
<p>
<label>Password</label>
<input type="password" name="password">
</p>
<input type="submit" name="actionBtn" value="Enter">
</form>
</tt>
<br>
And this is the piece of auth.jsp page which performs the login:<br>
<tt>
<gtris:auth
action="login"
username="${param.username}"
password="${param.password}"
/>
<c:choose>
<c:when test="${user != null && user.size 0}">
<c:redirect url="/menu/menu.jsp" />
</c:when>
<c:when test="${user != null && user.size == 0}">
<p>Username or password incorrect.</p>
<a href="../index.jsp">Go back</a>
</c:when>
<c:otherwise>
<p>Errore during login.</p>
<a href="../index.jsp">Go back</a>
</c:otherwise>
</c:choose>
</tt>
<br>
Any idea on how to solve this problem?<br>
<br>
Thanks to all