I'm running Tomcat 4.0.3 standalone and I've tried to enable encryption and
authentication (BASIC) on a jsp-page. I've currently only tested this with IE 6.
Without encryption everything works fine. I simply type in the access-restricted URL,
a BASIC-authentication requester appears, if I don't enter the correct username and
password the page is not shown. Perfect.
Then I add the following three lines to my web.xml (inside the security-constraint
element):
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
Again I type in the access-restricted URL. However, this time a requester appears
stating that from now on a secure link will be used. So far so good I guess, so I
press the OK-button and to my surprise I am shown a "This page cannot be
displayed"-message. I wasn't even given a chance to type in my username and password.
It happens using both BASIC and FORM based authentication.
What am I doing wrong?
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
