This is an FYI for people devloping servlets/JSP for use under Tomcat and JRun. Tomcat works fine when using the Sun recommended way of setting www-authenticate headers using setHEader followed by sendError with an UNAUTHORIZED code. JRun, on the other hand (sorry, don't know the version, but it is running Servlet API 2.1) need you to call setHeader followed by setStatus(int) with the UNAUTHORIZED code (401). If you call sendError jRun will not send the www-authenticate header and you will not be prompted for a password in IE. Netscape will prompt you for a password for "unknown" instead of for the Realm specified in the header (because the header is not sent). I am sending this because I figure a lot of people are doing devlopment under Tomcat, but their servlets may be deployed using other servlet containers... Joe Laffey LAFFEY Computer Imaging St. Louis, MO ------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]
