> On May 22, 2024, at 13:31, Garber, Frank > <francis.gar...@elevancehealth.com.INVALID> wrote: > > Not knowing how it’s supposed to behave, here’s another clue. When I click on > the “Server Status” button, I never get prompted for credentials.
This sounds like a browser configuration problem. On the first attempt to access a protected resource, the server will return a 401 status with a WWW-Authenticate header listing the acceptable authentication mechanisms; for Tomcat, "Basic" is the default. The browser is then supposed to take the specified action to determine the credentials - for Basic, that’s the typical dialog box prompt. If you’re using Edge (my condolences if so), go to edge://policy and look at the AuthSchemes entry; if it doesn’t include “basic”, you’ll never get the prompt. Can you correct the Edge config or try a different browser? - Chuck