Hi Thomas, I am also having a similiar problem in our system. I am using HTTPClient jar as http client.Our product is running on tomcat 3.2.3+Apache1.3. (Windows NT)
1)Pls look at the following code. HTTPConnection httpcon = new HTTPConnection(url); httpcon.addBasicAuthorization("es","username","password"); even though the above code exists for Basic Authorization, it is still popping up java dialog box asking username and passoword. Why the console popping up?.. 2) here i set userinteraction to false and commented the authorization code, now it is not popping up the java console.But the system running properly and gets the required data without asking username and password. HTTPConnection httpcon = new HTTPConnection(url); httpcon.setAllowUserInteraction(false); //httpcon.addBasicAuthorization("es","username","password"); How is it possible?..Is there security hole with the site?... NOTE: I should enter username and password when i tried to access the site thro browser.Otherwise it is throwing error. Any help would be appreciated... thanks, Ramkumar ----- Original Message ----- From: "Thomas Muller" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 17, 2003 3:50 PM Subject: Tomcat 3.2.1: Basic authentication and Win 2000 > Hi, > > When I try to apply basic authentication to an area, Win 2000 pops up with a > login dialog that requires windows credentials (or something). It seems like > Windows refuses do allow Tomcat to do authentication alone. Without any > knowledge of Tomcat internals, I guess it's the AccessInterceptor that > controls the behaviour (or at least tries to): > > <RequestInterceptor className="org.apache.tomcat.request.AccessInterceptor" > /> > > I've tried to define the windows login credentials in tomcat-users.xml, > allow the actual Tomcat service to run as that user etc etc. Nothing helps. > Can't log in. > > <security-constraint> > > <web-resource-collection> > <web-resource-name>Protected Area</web-resource-name> > <url-pattern>/server/*</url-pattern> > </web-resource-collection> > > <auth-constraint> > <role-name>mbxadmin</role-name> > </auth-constraint> > > </security-constraint> > > <!-- Default login configuration uses BASIC authentication > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>Basic Authentication Area</realm-name> > </login-config> > > How can I instruct win 2000 (or Tomcat) to override the OS specific > behaviour? > > Any input on this would be much appreciated. > > -- > > Thomas > > > > > > > ************************************************************************* > Copyright ERA Technology Ltd. 2002. (www.era.co.uk). All rights reserved. > The information supplied in this Commercial Communication should be treated > in confidence. > No liability whatsoever is accepted for any loss or damage > suffered as a result of accessing this message or any attachments. > > ________________________________________________________________________ > This email has been scanned for all viruses by the MessageLabs SkyScan > service. For more information on a proactive anti-virus service working > around the clock, around the globe, visit http://www.messagelabs.com > ________________________________________________________________________ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]