Hi, when using basic authentication with tomcat, tomcat sends a 401 response code if the user is accessing the page for the first time.
This makes the browser show a login window and retry the request with the username/password provided by the user. However, if there is already a username and password in the request, then tomcat answers with a 403 code which does not result in a login window. Unfortunately, if the user makes a typo when he/she tries to log in there is no chance to make another try except restarting the web browser. Does tomcat provide any mechanism to make it return 401 instead of 403? (except the hack of specifying a user based 403 jsp and make it return 401) Thanks, Hans -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
