It seems unlikely that IIS would arbitrarily intercept a request that it has been instructed to forward, but I do not know enough about integrating IIS with Tomcat to know for sure.
Perhaps you can turn on the RequestDumper Value in Tomcat to see what headers are being submitted when you access Tomcat through the standalone port versus accessing Tomcat through IIS. That might give you more information that you have now. :-) Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com ----- Original Message ----- From: "Felipe" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" <[EMAIL PROTECTED]> Sent: Monday, February 10, 2003 14:39 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed > Yes. I can authenticate through the tomcat standalone port. > I am using the BASIC with a MemoryRealm. > Everything as simple as it can get! > > Do you know if it is possible to have IIS to leave the authentication to > tomcat? > > Thanks, > Felipe > > > -----Original Message----- > From: Sean Dockery [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 10, 2003 3:50 PM > To: Tomcat Users List > Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed > > Can you authenticate through the Tomcat standalone port? Or does that > fail > as well? > > What method of authentication are you using? BASIC or DIGEST? If you > are > currently using DIGEST, try BASIC (for testing purposes). > > What type of Realm are you authenticating against? MemoryRealm, JDBC, > or > JNDI? > > Sean Dockery > [EMAIL PROTECTED] > Certified Java Web Component Developer > Certified Delphi Programmer > SBD Consultants > http://www.sbdconsultants.com > > ----- Original Message ----- > From: "Felipe" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" <[EMAIL PROTECTED]> > Sent: Monday, February 10, 2003 09:08 > Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed > > > > Yes. I have defined the user, password and role and everything else > needed > > to make it work on tomcat. What seems to be the problem is that IIS is > > trying to authenticate the user by itself instead of forwarding the > > user/password information to tomcat. (It allow me to try 3 times and > then > > give me the "Unauthorized: Logon Failed" error page regardless the > valid > > user and password). > > > > I know the ISAPI filter is working because if I remove the security > > constraint from tomcat I can get to it and I know the tomcat security > > constraint is working because if I can get to it using the "stand > alone" > > port. > > > > Have you seen this scenario working before? I found some posts with > this > > issue but no reply to any of them. > > > > Thanks, > > Felipe > > > > > > > > -----Original Message----- > > From: Sean Dockery [mailto:[EMAIL PROTECTED]] > > Sent: Monday, February 10, 2003 8:05 AM > > To: Tomcat Users List > > Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon > Failed > > > > Where have you defined the user and password that you believe you > should > be > > a valid user? What is the role constraint that you have defined on > the > web > > resource? Is the user in question set up for that role? > > > > Sean Dockery > > [EMAIL PROTECTED] > > Certified Java Web Component Developer > > Certified Delphi Programmer > > SBD Consultants > > http://www.sbdconsultants.com > > > > ----- Original Message ----- > > From: "Felipe Crochik" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Sunday, February 09, 2003 21:34 > > Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed > > > > > > > I am trying to use the tomcat security constraints "behind" an IIS > web > > > server. I know tomcat and the ISAPI filter are working. Also, Tomcat > > > authorization is working bypassing IIS using port 8080. > > > > > > When I try to reach the exactly same application through IIS (port > 80) I > > > get the user validation dialog box and after I try to login with a > valid > > > user and password I get HTTP 401.1 - Unauthorized: Logon Failed. > > > > > > TIA, > > > Felipe > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > ------------------------------------------------------------------------ > ---- > ---- > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]