Yes you are right I looked into the bug database (should have done that first)
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10373 http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13430 This bug has been around forever, and will probably never be fixed it seems according to the developers. The hack only works for jsp pages, but doesn't work in servlets (anyone know why?), Tomcat ignores whatever you write out to the stream and puts in it's own standard message. This bug means you can't have professional looking web applications on Tomcat, I guess I have look into some other web applications solutions, too bad I kinda like Tomcat. Johann Uhrmann <[EMAIL PROTECTED]> wrote on 25.10.2002 12:00:18: > On Thu, 2002-10-24 at 16:24, Kristj�n Bjarni Gu�mundsson wrote: > > I use custom error pages for various error codes (404. etc), all of them > > work except 401 error. > > > > If I go to a protected page the browser just displays the 401 page without > > prompting me > > to log in. What am I doing wrong? > Short answer: nothing > Tomcat sends that pages with response code 200. I consider this a bug. > If You want tomcat to send You 401-page with a 401 code You have to > use a JSP which sets the response code manually: > ... > <% response.setStatus(response.SC_UNAUTHORIZED); > response.setHeader("WWW-Authenticate", "BASIC realm=\"restricted\""); > %> > ... > It is a hack but at least it is working. > hth, > Hans > > -- > To unsubscribe, e-mail: < mailto:tomcat-user-unsubscribe@;jakarta.apache.org> > For additional commands, e-mail: < mailto:tomcat-user-help@;jakarta.apache.org>
