Sorry, it is a protected resource and I want to continue to use basic
authentication, not form authentication. I still don't see a way around the
problem.
The relevant part of my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>dora</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>1</role-name>
<role-name>2</role-name>
<role-name>3</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>DORA</realm-name>
</login-config>
-----Original Message-----
From: Boon Seong [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 5:37 PM
To: Tomcat Users List
Subject: Re: Basic authentication question
In that case, meaning it is a protected resource right ? Maybe u can try
using
the container's security feature such as putting this configuration in your
web application's web.xml file.
<security-constraint>
<web-resource-collection>
<web-resource-name>admin page</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/admin/login.jsp</form-login-page>
<form-error-page>/admin/error.jsp</form-error-page>
</form-login-config>
</login-config>
----- Original Message -----
From: "Koes, Derrick" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Sent: Tuesday, March 25, 2003 6:31 PM
Subject: RE: Basic authentication question
>
> Unfortunately, this does not work.
> Tomcat seems to use 401 as a prompt to put up the basic auth login dialog.
> If you add the configuration below, it goes to this page first without
ever
> prompting for user login.
>
> Do you have any other suggestions?
>
> Thanks,
> Derrick
>
>
>
> -----Original Message-----
> From: Boon Seong [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 25, 2003 5:27 PM
> To: Tomcat Users List
> Subject: Re: Basic authentication question
>
> add this to the web.xml
>
> <error-page>
> <error-code>401</error-code>
> <location>/errorpage.jsp</location>
> </error-page>
>
> ----- Original Message -----
> From: "Koes, Derrick" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 25, 2003 6:22 PM
> Subject: Basic authentication question
>
>
> >
> > I wish to replace tomcat's 401 error page with something more elegant
and
> > specific to my web app. How can I do this?
> >
> > Thanks,
> > Derrick
> >
> >
> >
> > This electronic transmission is strictly confidential to Smith & Nephew
> and
> > intended solely for the addressee. It may contain information which is
> > covered by legal, professional or other privilege. If you are not the
> > intended addressee, or someone authorized by the intended addressee to
> > receive transmissions on behalf of the addressee, you must not retain,
> > disclose in any form, copy or take any action in reliance on this
> > transmission. If you have received this transmission in error, please
> > notify the sender as soon as possible and destroy this message.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> This electronic transmission is strictly confidential to Smith & Nephew
and
> intended solely for the addressee. It may contain information which is
> covered by legal, professional or other privilege. If you are not the
> intended addressee, or someone authorized by the intended addressee to
> receive transmissions on behalf of the addressee, you must not retain,
> disclose in any form, copy or take any action in reliance on this
> transmission. If you have received this transmission in error, please
> notify the sender as soon as possible and destroy this message.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
This electronic transmission is strictly confidential to Smith & Nephew and
intended solely for the addressee. It may contain information which is
covered by legal, professional or other privilege. If you are not the
intended addressee, or someone authorized by the intended addressee to
receive transmissions on behalf of the addressee, you must not retain,
disclose in any form, copy or take any action in reliance on this
transmission. If you have received this transmission in error, please
notify the sender as soon as possible and destroy this message.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
