I have been succeeded to apply the form-based authentication, but failed to apply the basic one.
Everytime I tried to access the constrainted resources, a blank page showed instead of an expected form for me to fill out. (I am using tomcat 5.5)
When I read the HFSJ book, I was uncertain about those authentication methods except the FORM-based one.
When the requested resource is constrainted, the web container sends back a response to request username and password. In such a case (except the Form-based), which is responsible to create the form for client to input the username and password? Does the web browser will automatically creat one? or Tomcat create the form and send it back to the client with the 401 response code?