Hello, Without knowing how are your security-constraint, and where are the css file, I don't think anyone could help you.
Did you try as a last measure to force css file to pass through the authentification, something as : <security-constraint> <web-resource-collection><url-pattern>*.css</url-pattern></web-resource-collection> </security-constraint> (probably not a valid security-constraint, just to give the idea) I did this kind of thing for the favicon. We had a webapp entirely protected by form authentication and on firefox after authentication we were directed to the favicon.ico (when one existed). Firefox seems to get the favicon after the first request even when the status is 401... So we had to add a special security-constraint for the favicon for our application to work correctly and correct that firefox behavior (I want to say bug, but I'm sure there is a very good explanation for this :). 2013/4/18 Barbara Newton <barbara.new...@gmail.com>: > This is driving me crazy! I have configured from authentication in my > web.xml with a number of security constraints. None of the constraints map > to any CSS files. However, when I bring up the application the CSS files > are hitting the authentication. Since my form has styling this is a > problem of the chicken-and-egg sort since the CSS files are not > authenticated yet. > > On top of that, when I do successfully authenticate, the CSS file is the > one that has been saved by the authenticator and is the one that is > returned so the browser just brings up the raw CSS file. > > Any thoughts? Ideas? > > ========================================================= > The major difference between a thing that might go wrong and a thing that > cannot possibly go wrong is that when a thing that cannot possibly go wrong > goes wrong it usually turns out to be impossible to get at or repair > ---* Douglas Adams* --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
