tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From leebernard <>
Subject Help Please: Tomcat 3.2.3 with NT Challenge and Response
Date Sun, 06 Jan 2002 16:55:07 GMT

I have a technical question on Tomcat 3.2.3 with NT Challenge and 
Response Authentication.

I have Tomcat 3.2.3 setup on an Windows NT 4.0 SP6a Intel Machine (C 
drive). The tomcat configuration is fine and i am able to surf JSP Pages.

In  NT 4.0 I have a Site  which roots directory points to  D Drive e.g   
Within d:\kvdir there are 2 subdirectories   d:\kvdir\asp  and d:\kvdir\atk
both the subdirectory contain  JSP files.
the Tomcat config states

We have enabled or turn-on NT Challenge and response  authentication on 
d:\kvdir\atk directory. (note: Anonymous authentication is not enabled 
for this sub-directory).

Therefore, when users from the internet access to e.g
The NT Challenge and Response page would appear. we would key in the NT 
username and password (this IIS4.0 server is a standalone server  - so 
we've created local accounts). Login is ok and the MainLogin.html page 
is showned.

Next within the MainLogin.html page, there are 2 sub-URL links for user 
and administator login.  Once clicked it would go the the respective 
user and administrator login JSP Pages. These JSP basically contains 2 
fields for user to key in their application's Login name and password - 
which it the verifies with a local MS SQL7.0 database (JDBC) upon 
clicking submit button. If the login is correct the page would do a 
redirection to the Main Menu page (implement as a simple JSP Page).

we are using send.redirect (........) to redirect to this Main menupage 
 e.g mainadmin.jsp

The problem we faced is that the redirectiion doesn't seem to work. The 
IE browser would just seems to be forever in loading.

If we turn off NT Challenge and response authentication, the redirection 
to the mainadmin.jsp works.

I really need help - Please advise if NT CHallenge and REsponse 
authentication has any adverse effect on JSP Redirection codes. I have 
logged with Microsoft and they decline to comment as the ISAPI Filter 
used by tomcat is considered as a 3rd party plugin.   I am not using any 
NT loging credientials in my JSP application. our JSP application's 
authentication is just simple form based login and password and query a 
local SQL Table via JDBC.

Your advise is greatly appreciated.

Bernard Lee

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message