I'm running jboss-3.2.7 and need to use a custom 401 error page with my
servlets. But by doing so, I don't get a dialog box asking me to authenticate
and it immediately errors out and displays the custom 401 page. If I comment
out the following from my web.xml,
<error-page>
| <error-code>401</error-code>
| <location>/unauth.jsp</location>
| </error-page>
then I properly get the dialog box prompting me to log in, but the default
Tomcat/5.0.30 error page is used. After doing some cURL tests, I noticed that
when I use a custom 401 error page, I lose the WWW-Authentication header that
is passed via:
resp.setHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
| resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
Searching the Internet shows that this could be a bug in many versions of
Tomcat. Is there a fix or work-around for this bug?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4218467#4218467
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4218467
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
