I'm attempting to use a combination of an error-page for 401 codes and BASIC
authentication. My version is Tomcat 4.1.27 on Windows XP.
Without the error-page, the authentication works fine. A username/password
dialog is presented when attempting to enter the /sponsor, /webmaster, or
/admin directories. However, with both the security-contraint and the
custom 401 error-page, only the /Beta.jsp is shown. That is to say, the
dialog box is never shown-- the user is directed straight to the /Beta.jsp.
I've attempted to shutdown Tomcat, close all browsers, clean their cache,
destroy all cookies, deleted compiled pages, deleted serialized sessions,
and shave my cats, all to no avail.
Does anyone have any insight? Other error-codes (500,404) work fine. Only
the 401. I've searched mail archives, and this problem has been mentioned
with earlier versions, but never quite in this manner.
The web.xml looks as follows.
<error-page>
<error-code>401</error-code>
<location>/Beta.jsp</location>
</error-page>
<security-constraint>
<web-resource-collection>
<web-resource-name>
Entire Application
</web-resource-name>
<url-pattern>/sponsor/*</url-pattern>
<url-pattern>/webmaster/*</url-pattern>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>MyAdmin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Members-only Area</realm-name>
</login-config>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
