I've been told our working application must coexist with other
applications using BASIC authentication, the same domain name and a
shared authentication store to achieve single sign on (SSO).
Our application has been working fine without IIS or Apache sitting in
front of it. The application
Hi I suspect I am running into this bug in tomcat 5.5.9 which has been
solved in tomcat 5.5.11 and I was wondering if there is a workaround:
http://issues.apache.org/bugzilla/show_bug.cgi?id=22617
Let me first explain my situation. I have a webapplication which we use
in production on
-Original Message-
From: Ben Ricker [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 13, 2005 6:04 PM
To: Tomcat Users List
Subject: Re: How to Configure IIS/Tomcat to perform basic authentication
To answer your question, it would help to at least include the
relevant OS and tomcat version
Hi again,
I just discovered bug 33157: basic authentication fails in some cases,
reported in Tomcat 5.5.4.
http://issues.apache.org/bugzilla/show_bug.cgi?id=33157
It doesn't describe my exact problem, but it's the best theory so far.
Unfortunately the hosting provider is unlikely to install
Hello,
My client has a password-protected folder (as shown in the snippet from
my web.xml below). The problem is that, when accessing a protected
resource (/members/jobs/index.html), it sometimes asks for the login
several times before returning the requested page. (This is using BASIC
Hi all,
I have been trying to configure IIS/Tomcat to perform basic
authentication and have not had any success yet,
I would appreciate it if someone could give me some pointers on how to
make this to work.
Thanks,
Ike
Hi all,
I have been trying to configure IIS/Tomcat to perform basic
authentication and have not had any success yet,
I would appreciate it if someone could give me some pointers on how to
make this to work.
Thanks,
Ike
Hi all,
I have been trying to configure IIS/Tomcat to perform basic
authentication
and have not had any success yet, I would appreciate it if someone could
give me some pointers on how to make this to work.
Thanks,
Ike
/tomcat/tomcat-5.0-doc/realm-howto.html.
You may be most interested in the Memory Realm if you want simple,
file-based auth.
Ben Ricker
On 7/13/05, Ikonne, Ike [EMAIL PROTECTED] wrote:
Hi all,
I have been trying to configure IIS/Tomcat to perform basic
authentication
and have not had any
Hi there,
I have two servlets. One is configured to listen to /forms/* and the
other to /documents/*.
I configured a security realm, so users need to use form based
authentication when accessing /forms/*.
Can I, in the same web.xml configure a second security realm that uses
basic
that uses
basic authentication? We need the basic since the /documents/* servlet
serves webDAV and Webfolders doesn't do form based authentication. Would
that work?
:-) stw
No can do. webapps are allowed no more than 1 form of authentication.
Maybe use two web applications?
Mark
Hello,
I am running Tomcat 5.5.9 on Windows 2000. I configured the ISAPI
redirector (version 1.2.12) so that Tomcat worked along with IIS and
everything seemed to work fine, but...
I have a Tomcat application which requires basic authentication. Everything
works fine if I access from http
, but...
I have a Tomcat application which requires basic authentication. Everything
works fine if I access from http://localhost:8080/mywebapp/, I get
authenticated and can navigate, so I think the realm is configured
correctly. But if I try to access from http://localhost/mywebapp/ (the path
to my
You can try google:
http://www.modpython.org/pipermail/mod_python/2001-August/012120.html
Otgonbayar wrote:
I am using basic authentication in my application and I need to create
logout link in my JSP that does LOGOUT.
It seems session.invalidate() doesn't work.
How can I do this? Please help
If you read the docs on BASIC authentication, you will find that the browser
caches the login information and will provide it every time you return to
that site. The way to log out is to close the browser. Apparently this has
been a problem for web developers for some time. Browser developers have
List
Subject: Re: Can't do logout in basic authentication
You can try google:
http://www.modpython.org/pipermail/mod_python/2001-August/012120.html
Otgonbayar wrote:
I am using basic authentication in my application and I need to create
logout link in my JSP that does LOGOUT.
It seems
you cannot do that in basic .. you need to do a form based one ...
- Original Message -
From: Otgonbayar [EMAIL PROTECTED]
To: 'Tomcat Users List' tomcat-user@jakarta.apache.org
Sent: Wednesday, April 20, 2005 4:28 AM
Subject: Can't do logout in basic authentication
I am using basic
P.S. Freeing one's *session* on leaving works with any type of
authentication and makes sense in many cases -- it's just harder to
communicate this concept to the user...
Jess Holle wrote:
In most applications this is one of those *perceived* problems that
corporate users get uptight about.
I am using basic authentication in my application and I need to create
logout link in my JSP that does LOGOUT.
It seems session.invalidate() doesn't work.
How can I do this? Please help me!
Thanks
Otgo
-
To unsubscribe, e-mail
I have Tomcat 5.5.4 running on WindowsXP with BASIC authentication working via
the Memory Realm and it works fine.
I want to change to FORM-based authentication. I've 'BASIC' to 'FORM' in
web.xml and have a logon.html page with a form action=j_security_check (but
it gives a HTTP 408 timeout
.
- George Carlin
[EMAIL PROTECTED] 04/09/05 11:00 AM
I have Tomcat 5.5.4 running on WindowsXP with BASIC authentication
working via the Memory Realm and it works fine.
I want to change to FORM-based authentication. I've 'BASIC' to 'FORM'
in web.xml and have a logon.html page
Based on my own experience, the quickest way to work out what is
happening will be to debug your way through it. See the FAQ for how to
set this up: http://jakarta.apache.org/tomcat/faq/development.html
Mark
Mudumbai, Kalyan wrote:
Hi All,
I am trying to write a custom realm for my web
Hi All,
I am trying to write a custom realm for my web application. I have added the
realm in the sever.xml file as below:
Realm className=com.web.tomcat.security.CustomRealm debug=0/
and I had the following entries in my web.xml file.
security-constraint
:
Hi,
Anyone had a chance to look at this one yet?
Thanks
Sanjay
-Original Message-
From: Karanjkar, Sanjay V (IT)
Sent: 15 March 2005 11:19
To: tomcat-user@jakarta.apache.org
Subject: Problem with BASIC authentication
Hi,
I have the following setup:
1. A copied version
Farbos [mailto:[EMAIL PROTECTED]
Sent: 17 March 2005 09:58
To: Tomcat Users List
Cc: Karanjkar, Sanjay V (IT)
Subject: Re: Problem with BASIC authentication
Hi,
Compared to Manager's web.xml, it seems you don't have the section
resource-env-ref with the link to your user DataBase.
Perhaps, try
]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Thursday, March 17, 2005 12:19 AM
Subject: RE: Problem with BASIC authentication
Hi,
Anyone had a chance to look at this one yet?
Thanks
Sanjay
-Original Message-
From: Karanjkar, Sanjay V (IT)
Sent: 15 March 2005 11:19
To: tomcat-user
Message-
From: Lionel Farbos [mailto:[EMAIL PROTECTED]
Sent: 17 March 2005 09:58
To: Tomcat Users List
Cc: Karanjkar, Sanjay V (IT)
Subject: Re: Problem with BASIC authentication
Hi,
Compared to Manager's web.xml, it seems you don't have the section
resource-env-ref with the link
Hi,
Anyone had a chance to look at this one yet?
Thanks
Sanjay
-Original Message-
From: Karanjkar, Sanjay V (IT)
Sent: 15 March 2005 11:19
To: tomcat-user@jakarta.apache.org
Subject: Problem with BASIC authentication
Hi,
I have the following setup:
1. A copied version of Tomcat
Hi,
I have the following setup:
1. A copied version of Tomcat 4.1.24 on Unix (i.e. I have merely
*copied* the entire tomcat folder from another installed location
instead of installing it)
2. My application WAR file referenced by the following Context in
Server.xml:
Context
If you are using basic authentication, that is out of your control -
the browser will resend the authentication with every request. I does
not care at all about your session.
I think your simplest solution is to switch to form-based authentication.
Larry
On Thu, 27 Jan 2005 19:58:16 -0800 (PST
Hi Larry,
Thank you for your reply! Yes, I have tried the form authentication. It
does redirect to the login page when session expires.
Gia
Larry Meadors [EMAIL PROTECTED] wrote:
If you are using basic authentication, that is out of your control -
the browser will resend
Hi,
I am using Tomcat Container managed security: Basic Authentication by adding
the following to web.xml.
security-constraint
web-resource-collection
web-resource-nameThe Entire Web Application/web-resource-name
url-pattern/XMLServlet/url-pattern
/web-resource
Ashish Kulkarni ha scritto:
Hi
May be try putting the following in web.xml file just
before taglib ( i am not sure but works with 2.2)
error-page
error-code403/error-code
location/pages/error/noaccess.jsp/location
/error-page
error-page
Hi all
I have a small problem trying to configure BASIC auth.
Everything works good, but i'd like to know if i can change the default page when the user is not
authenticated. I try to eplain better: if i write wrong 3 times the password, or i click on cancel
button, a default Tomcat page appears
I never try it, but maybe u can write your own code into the login
page that redirect you on a different page if the login taske will not
completed as needed...
On Mon, 24 Jan 2005 14:21:19 +0100, Giorgio Ponza [EMAIL PROTECTED] wrote:
Hi all
I have a small problem trying to configure BASIC
Omar Adobati ha scritto:
I never try it, but maybe u can write your own code into the login
page that redirect you on a different page if the login taske will not
completed as needed...
I can't try this :D
There is no login page, only a box appearing over the browser asking user and
password.
Oh, I'm sorry... you are using the basic auth mode... there was a
missunderstanding... sorry again...
On Mon, 24 Jan 2005 14:29:44 +0100, Giorgio Ponza [EMAIL PROTECTED] wrote:
Omar Adobati ha scritto:
I never try it, but maybe u can write your own code into the login
page that redirect you
Hi
May be try putting the following in web.xml file just
before taglib ( i am not sure but works with 2.2)
error-page
error-code403/error-code
location/pages/error/noaccess.jsp/location
/error-page
error-page
]
To: Tomcat Users List
tomcat-user@jakarta.apache.org
Sent: Friday, January 21, 2005 12:20 AM
Subject: RE: problem with Basic authentication -- no
window to login
assuming you're using linux.. I encountered this
problem
in mozilla 1.6... downloaded 1.7 version and login
window
appeared
Hi
i was able to make my application work with form
authentication, then i changed the login-config to
make it basic authentication like below,
but i am not getting any login window, it just gives
me no access 403 error why
login-config
auth-methodBASIC/auth-method
realm-nameBasic
what browser ar you using?
-Original Message-
From: Ashish Kulkarni [mailto:[EMAIL PROTECTED]
Sent: Friday, January 21, 2005 6:24 AM
To: tomcat-user@jakarta.apache.org
Subject: problem with Basic authentication -- no window to login
Hi
i was able to make my application work with form
with Basic authentication -- no
window to login
Hi
i was able to make my application work with form
authentication, then i
changed the login-config to make it basic
authentication like below, but
i am not getting any login window, it just gives me
no access 403 error
why login-config auth
@jakarta.apache.org
Subject: problem with Basic authentication -- no window to login
Hi
i was able to make my application work with form authentication, then
i changed the login-config to make it basic authentication like below,
but i am not getting any login window, it just gives me no access
]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Friday, January 21, 2005 12:20 AM
Subject: RE: problem with Basic authentication -- no window to login
assuming you're using linux.. I encountered this problem
in mozilla 1.6... downloaded 1.7 version and login window
appeared
I would like to use container-based declarative authentication without
the need to modify any files in $CATALINA_HOME/conf directory.
To simplify my question a bit: is it somehow possible to make tomcat
read tomcat-users.xml from the war file, and not from
$CATALINA_HOME/conf?
Michal.
in Server.xml.
You need not use a flat file format though to serve your username/password
combinations just because you are using Basic Authentication. The two are
separate issues:
issue one is:
What type of authentication do I want? Form, Basic, Digest, Client-Cert.
This is a Sun servlet
Hi,
(Sorry, I posted this message under the wrong thread before)
I am using Apache - modjk -Tomcat 5 configuration.
The tomcat manager app uses BASIC authentication. When I point my
browser to /myurl/manager the browser pops up a dialog box for the
username and password. Upon entering
.
The tomcat manager app uses BASIC authentication. When I point my
browser to /myurl/manager the browser pops up a dialog box for the
username and password. Upon entering the correct information it logs me
into the manager app.
I am trying to now use JMeter to log in to the manager app:
URL
Hi!
I can't figure out why my BASIC authorization isn't working for my app. The
pages show up as 401 Not Authorized, but no popup authorization window pops
up! Further, the admin and manager apps are working using my JDBCRealm
(:Enter Password window does pop up). Help appreciated.
server.xml:
Nevermind. I had a 401 page defined in web.xml, so it was being sent there
instead of the browser. My mistake.
- Original Message -
From: e-Denton Subscriber [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Saturday, October 23, 2004 4:06 PM
Subject: BASIC authentication
04, 2004 1:59 AM
To: Tomcat Users List
Subject: RE: type in twice for basic authentication???
Tomcat 4.1.27 -- please help!
- Original message -
From: Mark Thomas [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Date: Sat, 2 Oct 2004 10:03:49 +0100
Subject: RE: type in twice
Anybody have a clue as to why my basic authentication box would keep
coming back at me 2-6 times before letting me in, even though I'm typing
the correct username and password every single time? This is Tomcat
4.1.27
, October 04, 2004 2:12 PM
To: Tomcat Users List
Subject: RE: type in twice for basic authentication???
Hi,
Does 4.1.30 behave better? Or 5.0.27?
(5.0.28 has http://issues.apache.org/bugzilla/show_bug.cgi?id=31372
which might affect this use-case)
Yoav Shapira
Millennium Research
Tomcat 4.1.27 -- please help!
- Original message -
From: Mark Thomas [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Date: Sat, 2 Oct 2004 10:03:49 +0100
Subject: RE: type in twice for basic authentication???
What version of tomcat?
-Original Message-
From
What version of tomcat?
-Original Message-
From: Stephen Charles Huey [mailto:[EMAIL PROTECTED]
Sent: Friday, October 01, 2004 11:38 PM
To: Tomcat Users List
Subject: Re: type in twice for basic authentication???
Yeah, I need some major help on this to figure out what's
going
Due to increasing levels of spam, this email address no longer receives email.
To contact us, please go to http://takanomi.com/contact.php.
[If you publish an ezine or newsletter to which we are subscribed, or own an affiliate
program or service of which we are a member, please visit the
When my web app pops up a basic authentication box, I type in the
username and password, and then it bounces back with blank text boxes
asking for it again. Every time when I type them in a second time it
then lets me in! What's going on? Here's what I have in my server.xml:
Realm className
-
From: Stephen Charles Huey [EMAIL PROTECTED]
To: Tomcat User [EMAIL PROTECTED]
Date: Fri, 01 Oct 2004 17:10:32 -0500
Subject: type in twice for basic authentication???
When my web app pops up a basic authentication box, I type in the
username and password, and then it bounces back with blank text
Hi,
We are running our applications on Tomcat 4 and 5. On both versions we are
having problems with the basic authentication.
The problem is that I haven't found a way to overwrite the default 401 error
page with a custom page.
If I add an error-page element in web.xml for error 401
error
Hacking,
Gaurav Vaish
http://www.mastergaurav.org
-
On Fri, 24 Sep 2004 09:33:13 -0500, Angelov, Rossen
[EMAIL PROTECTED] wrote:
Hi,
We are running our applications on Tomcat 4 and 5. On both versions we are
having problems with the basic authentication
and type of authentication.
-Message d'origine-
De : Robert Bateman [mailto:[EMAIL PROTECTED]
Envoyé : lundi 16 août 2004 20:42
À : Tomcat Users List
Objet : Re: Customizing BASIC authentication
Someone please correct me if I'm wrong here...
Also be aware that non-protected pages
Hi,
Thanks to you both, but my question is not so much about how
to get the user name in the request.
Instead, it's this: I need to use basic authentication (i.e. the browser
pops up the login), but then I need to run custom code to actually
check the login and password with an internal system
on a simple web app that will feed custom RSS XML
to clients that must use basic authentication. In my application,
I need to do more than just look up users somewhere. Instead, the
login/password values returned via basic authentication headers will be
used in some fairly complex ways to both
basic authentication. In my application,
I need to do more than just look up users somewhere. Instead, the
login/password values returned via basic authentication headers will be used
in some fairly complex ways to both authenticate and then
construct the custom response.
What is the simplest way
totally confused.
I'm hoping if I describe my situation, someone can help me
cut through the fog.
I'm working on a simple web app that will feed custom RSS XML
to clients that must use basic authentication. In my application,
I need to do more than just look up users somewhere. Instead, the
login
will avoid other newbies to be stuck like I was.
Merci,
Laurent
Message du 23/07/04 à 21h36
De : Michele Ouellet [EMAIL PROTECTED]
A : Laurent Le Moux [EMAIL PROTECTED]
Copie à :
Objet : Re: BASIC authentication not working, PLEASE HELP !
Salut Laurent,
Did you start tomcat with the -security
Hello,
I found the following interesting answer from Craig R. McClanahan to Sim IJskes
concerning the use of BASIC authentication :
I was able to get basic authentication working by editing the file
$TOMCAT_HOME/webapps/examples/WEB-INF/web.xml and changing the auth-method
element from
In a nutshell, I'm wondering if it's better NOT to use basic
authentication. We have over 10,000 regular users, and I think it would
be good for us to move to a more standard login page instead of that
authentication box that pops up. My question is, would we have to
change a lot to do
(Please, create new messages when mailing the list. Responding to
unrelated messages causes confusion for those of us who use thread-aware
mailers.)
: In a nutshell, I'm wondering if it's better NOT to use basic
: authentication.
My understanding is that FORM vs BASIC is just that the former
: basic authentication or not?
(Please, create new messages when mailing the list. Responding to
unrelated messages causes confusion for those of us who use thread-aware
mailers.)
: In a nutshell, I'm wondering if it's better NOT to use basic
: authentication.
My understanding
Duh. I was looking in the general Tomcat web.xml--yes, in my
app-specific one, we're using BASIC authentication.
Ok, so Tomcat knows to use the additional MySQL database for
authentication. Right now, if you go to www.ourDomain.com it'll make
you authenticate and then it will forward you
Hi
Our CMS is using it's own security control system.
We can login users using forms.
Now I want to use BASIC Authentication.
So (upon clicking a special link) a login form should appear (browser
build-in) and I need to get the username and password inside my servlet. How
can I do this?
Any
SH Solutions wrote:
Hi
Can use Acegi spring security.
or much simple use the HTTP protocol with the servlet
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hello,
I am using the Basic Authentication in Tomcat and I would like to know if
there is a way of retrieving the username and the password that have been
typed.
Thanks
Elisabeth
-
To unsubscribe, e-mail: [EMAIL PROTECTED
Hi all,
I need to capture the WinNT account name of users to a jsp page.
We have Active Directory at our company. We can have a basic login form
(that standard pop up login form from Window).
Could anyone tell me where to start and how to set it up? I have looked at
the HowTo for Tomcat
List'
Assunto: Basic Authentication
Hi all,
I need to capture the WinNT account name of users to a jsp page.
We have Active Directory at our company. We can have a basic login form
(that standard pop up login form from Window).
Could anyone tell me where to start and how to set
You might want to read the comments on the following URL - it shows how
to configure authentication with a Windows domain, but apparently, it's
out of date:
http://www.raibledesigns.com/page/rd?
anchor=easy_windows_authentication_with_tomcat
Matt
On Dec 5, 2003, at 9:45 AM, Bui, Bao-Ha D
http://jakarta.apache.org/tomcat/faq/windows.html#ntlm
-Tim
Bui, Bao-Ha D wrote:
Hi all,
I need to capture the WinNT account name of users to a jsp page.
We have Active Directory at our company. We can have a basic login form
(that standard pop up login form from Window).
Could anyone
]
Sent: Friday, December 05, 2003 11:58 AM
To: Tomcat Users List
Subject: Re: Basic Authentication
http://jakarta.apache.org/tomcat/faq/windows.html#ntlm
-Tim
Bui, Bao-Ha D wrote:
Hi all,
I need to capture the WinNT account name of users to a jsp page.
We have Active Directory at our
Hello,
I have a third party application named Intraspect5.6. It uses Tomcat 4.1 as
servlet engine. It uses Basic Authentication. I want to use the same Basic
Authentication used by Intraspect for my custom application that I have
deployed in the same Tomcat instance. From my webapp, can I go
Can somebody suggest how to implement Basic Authentication in Tomcat4.1 or
use an existing Basic Authentication being used by other application.
Thanks
-sumit
-Original Message-
From: Kumar, Sumit
Sent: Thursday, November 20, 2003 11:44 AM
To: 'Tomcat Users List'
Subject: Basic
It s not use in the class java.net.Authenticator ?
See it
-Original Message-
From: Kumar, Sumit [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 20, 2003 7:01 PM
To: 'Tomcat Users List'
Subject: RE: Basic Authentication
Can somebody suggest how to implement Basic
PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Mutual and Basic Authentication switched on for the same web
application
Date: Wed, 24 Sep 2003 17:52:07 -0400
What is mutual authentication?
In web.xml you can define security contraints on servlets or URLS. Each
constraint can have its
than the Past or the Future Put together
From: Tim Funk [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Mutual and Basic Authentication switched on for the same
web application
Date: Wed, 24 Sep 2003 17:52:07 -0400
What
Hi all
Is there a way to switch on Mutual and Basic Authentication switched on for
the same web application, such that certain URLs need Basic Authentication
and Certain URLs use Mutual Authentication for the same web application.
Regards
Rudolf
What is mutual authentication?
In web.xml you can define security contraints on servlets or URLS. Each
constraint can have its own login requirements. (FORM vs BASIC ...)
-Tim
Rudolf Castelino wrote:
Hi all
Is there a way to switch on Mutual and Basic Authentication switched on
for the same
, 2003 6:25 AM
To: Tomcat Users List
Subject: Re: Can JSP track users in a basic authentication protected
realm ?
You could possibly track the referer header of the request. If the
referer is a site outside your protection domain then re-authenticate.
This could be done in a filter: Check the header
such a way as mentioned above ?
The log out button kind of effect.
Many thanks.
Regards
David
-Original Message-
From: George Sexton [mailto:[EMAIL PROTECTED]
Sent: Sunday, September 21, 2003 12:47 AM
To: 'Tomcat Users List'
Subject: RE: Can JSP track users in a basic authentication
Hi guys,
Does anyone know how I can implement the above mentioned?
Once they exit the protected realm (i.e. the protected folder in my
htdocs), when they re-enter the site again they will be asked for a
password. I have a simple basic authentication system but it doesn't
track the user when
Subject: Can JSP track users in a basic authentication protected realm ?
Hi guys,
Does anyone know how I can implement the above mentioned?
Once they exit the protected realm (i.e. the protected folder in my
htdocs), when they re-enter the site again they will be asked for a
password. I have a simple
instance of the IE) they will prompted for the password
and ID again.
Currently, with basic authentication ( implemented using HTTP SERVER)
the server does not recognise if the user has moved onto another site
outside the protected realm. If he decides to surf an area outside the
protected realm
I'm having a problem that I was unable to find any info on in the documentation or the
mailing list archives.
I've set up Basic Authentication with Tomcat 4.1.27 and an Oracle LDAP server. I've
got this working just fine but what I really want is Form-Based Authentication which
has thus far
Quoting from the recent 'Tomcat: The Definitive Guide' book: At the time of
this writing, this realm (i.e. JAAS) implementation does not seem to
work Possibly it still doesn't.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
I am trying to run my JAASRealm implementation, and I have it working
successfully on my own apps using Form-based authentication, but when I
try to use it for tomcat's manager tool (configured in
webapps/manager.xml) or any other app using basic authentication, I have
problems.
First of all
name. But
never work for a directory. As you see following code, it pops up basic
authentication window for
all *.doc files, but does not work for files under /document directory.
Anyone had the same experience?
= web.xml ===
security-constraint
display-nameSecurity Check/display
try /document/* as the url-pattern or /document/*.doc if you want the .doc files under
/document to be protected ...
-Original Message-
From: Daniel Zhang [mailto:[EMAIL PROTECTED]
Sent: 22. juli 2003 14:48
To: Tomcat Users List
Subject: Basic Authentication not work for directory
Hi
Subject: Basic Authentication not work for directory
Hi, all -
I've configured Tomcat 4.1.18 on RH Linux 8 server. Then I need some
authentication for certain
directories under webapps. So I configured server.xml, web.xml and
tomcat-users.xml creating a
role and its username with password
Using tomcat 4.1.24, it appears that if using Basic
authentication and a user enters a valid username but
an invalid password, access to the restricted page is
forbidden from then on (403 error code is returned all
the time).
User is never given a second chance at typing the
username and password
I have a box where Apache's basic authentication is working fine, via
directives in httpd.conf or an .htaccess file in the selected directory.
However, when the selected directory is located under the webapp context
directory, Apache serves it up without any prompting for any username
and password
Is it possible to define an error page for the basic authentication? and
if yes, how/where? i have tried to define error-page for code 401, but
realized that i am using constraint on everything , thus i am guessing
that error page may be falling under the constraint as well. (not sure
about
1 - 100 of 190 matches
Mail list logo
