Hi, I have a technical question on Tomcat 3.2.3 with NT Challenge and Response Authentication.
I have Tomcat 3.2.3 setup on an Windows NT 4.0 SP6a Intel Machine (C drive). The tomcat configuration is fine and i am able to surf JSP Pages. In NT 4.0 I have a Site which roots directory points to D Drive e.g d:\kvdir. Within d:\kvdir there are 2 subdirectories d:\kvdir\asp and d:\kvdir\atk both the subdirectory contain JSP files. the Tomcat config states /atk/*.jsp=ajp12 /asp/*.jsp=ajp12 We have enabled or turn-on NT Challenge and response authentication on d:\kvdir\atk directory. (note: Anonymous authentication is not enabled for this sub-directory). Therefore, when users from the internet access to e.g www.websitedomain.com/atk/MainLogin.html The NT Challenge and Response page would appear. we would key in the NT username and password (this IIS4.0 server is a standalone server - so we've created local accounts). Login is ok and the MainLogin.html page is showned. Next within the MainLogin.html page, there are 2 sub-URL links for user and administator login. Once clicked it would go the the respective user and administrator login JSP Pages. These JSP basically contains 2 fields for user to key in their application's Login name and password - which it the verifies with a local MS SQL7.0 database (JDBC) upon clicking submit button. If the login is correct the page would do a redirection to the Main Menu page (implement as a simple JSP Page). we are using send.redirect (........) to redirect to this Main menupage e.g mainadmin.jsp The problem we faced is that the redirectiion doesn't seem to work. The IE browser would just seems to be forever in loading. If we turn off NT Challenge and response authentication, the redirection to the mainadmin.jsp works. I really need help - Please advise if NT CHallenge and REsponse authentication has any adverse effect on JSP Redirection codes. I have logged with Microsoft and they decline to comment as the ISAPI Filter used by tomcat is considered as a 3rd party plugin. I am not using any NT loging credientials in my JSP application. our JSP application's authentication is just simple form based login and password and query a local SQL Table via JDBC. Your advise is greatly appreciated. Regards Bernard Lee Singapore -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
