-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matt,
On 6/29/2010 5:57 PM, Matthew Mauriello wrote: > I am having a minor problem related to Tomcat's BASIC Authentication setup. > > A user access my custom web application in the 'webapps' folder which is > accessible to everyone in a separate sub folder. This already smells funny. Can you give us the details of your directory structure, and what contexts actually map to what directories on the disk? > I have another 'webapps' > sub folder for SOLR which is secured with BASIC Authentication. I have my > custom web application log the user into the SOLR application when the > user wants to access it. So, webapp A contacts SOLR using HTTP BASIC AUTH, provides credentials, and then... what? > The problem I am having is that when the user navigates back to the custom > application folder from the SOLR application folder they get prompted with > the following message that I would like to disable: > --------- > "You are about to log in to the site "greygoose" with the username > "admin", but the website does not require authentication. This may be an > attempt to trick you. > > Is "greygoose" the site you want to visit?" > --------- > I am not sure if this is a browser setting that needs to be changed or if > there is a Tomcat setting I can implement to kill this error message, but > any help would be appreciated. It sounds like your webapp isn't doing the authentication: instead, you are somehow tricking the browser into doing the authentication instead. Do you ever intend for the client (the browser) to authenticate? Or, is webapp A supposed to use HTTP BASIC AUTH against SOLR and nothing else? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwqqgAACgkQ9CaO5/Lv0PBz2wCgnxIfadjNeeIeoAWsTLa1sWQK Q7MAn3S6k5tJLbNL5Am3V7hjzgpchebc =MOWu -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org