>> Torsten, >> >> Add an interceptor to AngularJS to detect the 401 and do whatever you >> want, e.g. redirect to a login page. Then when you have the >> credentials, submit to login rest api, get a token, and then make all >> other calls passing this token. >> >> There are loads of examples on how to do this on the internet. This >> isn't tomcat specific. >> >> function globalInterceptorResponse($injector, $q) { >> return { >> 'response': function (response) { >> return response; >> }, >> 'responseError': function (rejection) { >> switch (rejection.status) { >> ... >> case 401: >> console.warn("Hit 401 - redirecting to login"); >> window.location = '/login'; >> break; >> ... >> default: >> console.warn(rejection); >> } >> return $q.reject(rejection); >> } >> }; >> } >> globalInterceptorResponse.$inject = ['$injector', '$q']; >> >> then in request config, >> >> $httpProvider.interceptors.push(globalInterceptorResponse); > > This won't work because the application doesn't get a chance to do > anything until Tomcat completes its authentication/authorization work. > If the application were handling the authentication/authorization, then > the original Filter would have worked. > > -chris
Chris, I think that you thought the above was server-side java code. The above was javascript code that runs in the browser. It does work - I copied it from a project I am working on now. Chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org