It's not a secret anymore!
The moose likes Tomcat and the fly likes security-constraint and error-page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "security-constraint and error-page" Watch "security-constraint and error-page" New topic

security-constraint and error-page

Jason Brawner
Ranch Hand

Joined: Dec 19, 2001
Posts: 66
I've setup a security constraint, with basic authentication, in a memory
realm. It works as expected until I add an error page for the 401 error
code (unauthorized). Then, when I request the page, I get the 401 error
page automatically and am never prompted to login. I was expecting to get
the 401 error page only if I supplied an incorrect login.
What am I doing wrong? (Win2000pro, Tomcat 4.0.3, jdk 1.4) Here is a
portion of my web.xml:
<web-resource-name>BrawnerLau Website</web-resource-name>
<realm-name>BrawnerLau Website</realm-name>

Jason E. Brawner<br />Sun Certified Java Programmer<br />Sun Certified Web Component Developer
Mike Curwen
Ranch Hand

Joined: Feb 20, 2001
Posts: 3695

From the tomcat-user mailing list, I found an old (01/22/2002) email in which Craig McClanahan says: Perhaps they haven't finished working out the bugs by 4.0.3

I wasn't able to find anything on either.
Jason Brawner
Ranch Hand

Joined: Dec 19, 2001
Posts: 66
Damn.... I seem to find all the bugs.
I agree. Here's the link:
subject: security-constraint and error-page
jQuery in Action, 3rd edition