I'm attempting to use a combination of an error-page for 401 codes and BASIC authentication. My version is Tomcat 4.1.27 on Windows XP.
Without the error-page, the authentication works fine. A username/password dialog is presented when attempting to enter the /sponsor, /webmaster, or /admin directories. However, with both the security-contraint and the custom 401 error-page, only the /Beta.jsp is shown. That is to say, the dialog box is never shown-- the user is directed straight to the /Beta.jsp. I've attempted to shutdown Tomcat, close all browsers, clean their cache, destroy all cookies, deleted compiled pages, deleted serialized sessions, and shave my cats, all to no avail. Does anyone have any insight? Other error-codes (500,404) work fine. Only the 401. I've searched mail archives, and this problem has been mentioned with earlier versions, but never quite in this manner. The web.xml looks as follows. <error-page> <error-code>401</error-code> <location>/Beta.jsp</location> </error-page> <security-constraint> <web-resource-collection> <web-resource-name> Entire Application </web-resource-name> <url-pattern>/sponsor/*</url-pattern> <url-pattern>/webmaster/*</url-pattern> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>MyAdmin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>My Members-only Area</realm-name> </login-config> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]