If the user is authorized, the web server returns the result of the original URL request, as shown in Figure 24–4.
In our example, the response URL of a web page is returned, enabling the user to post form data that needs to be handled by the business-logic component of the application. See Chapter 25, Getting Started Securing Web Applications for more information on protecting web applications.