Can you authenticate through the Tomcat standalone port? Or does that fail as well?
What method of authentication are you using? BASIC or DIGEST? If you are currently using DIGEST, try BASIC (for testing purposes). What type of Realm are you authenticating against? MemoryRealm, JDBC, or JNDI? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com ----- Original Message ----- From: "Felipe" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" <[EMAIL PROTECTED]> Sent: Monday, February 10, 2003 09:08 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed > Yes. I have defined the user, password and role and everything else needed > to make it work on tomcat. What seems to be the problem is that IIS is > trying to authenticate the user by itself instead of forwarding the > user/password information to tomcat. (It allow me to try 3 times and then > give me the "Unauthorized: Logon Failed" error page regardless the valid > user and password). > > I know the ISAPI filter is working because if I remove the security > constraint from tomcat I can get to it and I know the tomcat security > constraint is working because if I can get to it using the "stand alone" > port. > > Have you seen this scenario working before? I found some posts with this > issue but no reply to any of them. > > Thanks, > Felipe > > > > -----Original Message----- > From: Sean Dockery [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 10, 2003 8:05 AM > To: Tomcat Users List > Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed > > Where have you defined the user and password that you believe you should be > a valid user? What is the role constraint that you have defined on the web > resource? Is the user in question set up for that role? > > Sean Dockery > [EMAIL PROTECTED] > Certified Java Web Component Developer > Certified Delphi Programmer > SBD Consultants > http://www.sbdconsultants.com > > ----- Original Message ----- > From: "Felipe Crochik" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Sunday, February 09, 2003 21:34 > Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed > > > > I am trying to use the tomcat security constraints "behind" an IIS web > > server. I know tomcat and the ISAPI filter are working. Also, Tomcat > > authorization is working bypassing IIS using port 8080. > > > > When I try to reach the exactly same application through IIS (port 80) I > > get the user validation dialog box and after I try to login with a valid > > user and password I get HTTP 401.1 - Unauthorized: Logon Failed. > > > > TIA, > > Felipe > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > ---------------------------------------------------------------------------- ---- > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
