Re: user authentication on a servlet.

Tue, 31 Aug 1999 14:21:42 -0700 

-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------

See http://java.apache.org/faq/?_highlightWords=location&file=22


> -----------------------------
> Please read the FAQ!
> <http://java.apache.org/faq/>
> -----------------------------
>
> I would have thought that maybe this was a server thing, but I have
> tried my best guess, and it failed.
>
> I have placed a the following directives in my httpd.conf file, for
> the directory that contains the servlet classes:
>
> <Directory "/home/wtruitt/apache/walter/">
>       AuthType Basic
>       AuthName "MIN Demo"
>       AuthUserFile /home/wtruitt/apache/conf/walter.users
>       require valid-user
> </Directory>
>
> It did not protect the servlet execution.  So then I decided to try
> and program it using the JSDK.  I have found the sendError method of
> the HttpServletResponse, and sent a SC_UNAUTHORIZED error code, but
> that does not set the realm.  Then the server does not know how to
> verify it.
>
> Hmmm, while writing this note, I found the Header was missing to tell
> the realm.
>
> WWW-Authenticate: Basic realm="MIN Demo"
>
> I therefore added this to my program:
>
>     private void sendAuthError( HttpServletRequest req,
>         HttpServletResponse res ) throws IOException {
>       res.setHeader( "WWW-Authenticate", "Basic realm=\"MIN Demo\"" );
>       res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
>     }
>
> Now the headers look the same, and I want to believe that the browser
> responds in the same way.  I suppose I need to create a smaller
> servlet for experimentation, but has anyone done this with jserv and
> apache?  I would like any pointers.
>
>  -walter
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe:        [EMAIL PROTECTED]
> To unsubscribe:      [EMAIL PROTECTED]
> Archives and Other:  <http://java.apache.org/main/mail.html>
> Problems?:           [EMAIL PROTECTED]




--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]

Reply via email to