tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Remy Maucherat" <r...@apache.org>
Subject Re: BugRat Report #574 has been filed.
Date Tue, 12 Dec 2000 18:21:19 GMT
>Synopsis:
>Browser issues a "document contains no data" when a secure page is accessed
by an >valid, unauthorized user (wrong role).

I tested with my HTTP client, and got that :

[Slide]$ get /webdav/

<snip>

Request: GET /webdav/ HTTP/1.1
GET /webdav/ HTTP/1.1
Content-Length: 0
Authorization: Basic cm9vdDpyb290
cookie: $Version=1
host: 127.0.0.1:8080
user-agent: org.apache.webdav.lib.WebdavClient

HTTP/1.1 403 Access to the requested resource has been denied
Response: HTTP/1.1 403 Access to the requested resource has been denied
Content-Length: 0
Date: Tue, 12 Dec 2000 18:10:55 GMT
Server: Apache Tomcat/4.0-dev (HTTP/1.1 Connector)
Connection: close

Closing connection
Status: 403

I was using an incorrect role ("root", and "tomcat" was expected). I got a
403 back (which is normal). We don't return an error page in that particular
case (this error is returned by the authenticator valve), so that's why you
see no data.

Remy


Mime
View raw message