After a few days, I'm out of ideas for this problem.
I just installed Tomcat 7 to serve a web-app that has one page protected by DIGEST authentication.
When I set the port for Tomcat to 80, everything works fine.
When I set the port for Tomcat to 8080 and turn on Apache2 on port 80, the username/password box comes up but when I put in my username and password, the box just refreshes and the web-app doesn't let me into the protected page.
I get no errors in the tomcat or apache logs.
I'm using Ubuntu Server 10, Tomcat 7 and Apache2
I'm not even sure what to put here to help debug this, so I'll just add the common configuration files I've been working with.
this is from Tomcat 7's server.xml
This is from the tomcat-users.xml
This is from apache2 /etc/apache2/sites-available/default
I would put the web.xml files but since the web-app works fine when Tomcat is listening on port 80, I tend to think it's a fault in the server configuration.
If there's anything else I should put up, or take down, please let me know.
Check out ProxyPassReverseCookiePath directive at http://httpd.apache.org/docs/2.1/mod/mod_proxy.html#proxypassreversecookiepath When you use port 80 with tomcat, the cookie goes for /test1/ context and browser sends that back, so it works. But when you do ProxyPass and reverse, although the /test1/ context is served at context / but the cookie is not translated. Once you setup the directive ProxyPassReverseCookiePath, it should work.