tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kristján Bjarni Guðmundsson <kris...@hugvit.is>
Subject Re: Tomcat and 401 custom page how?
Date Fri, 25 Oct 2002 15:03:36 GMT
Yes you are right I looked into the bug database (should have done that 
first)

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10373
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13430

This bug has been around forever, and will probably never be fixed it 
seems according to the developers.

The hack only works for jsp pages, but doesn't work in servlets (anyone 
know why?), Tomcat ignores whatever you write out
to the stream and puts in it's own standard message.

This bug means you can't have professional looking web applications on 
Tomcat, I guess I have look
into some other web applications solutions, too bad I kinda like Tomcat.

Johann Uhrmann <johann.uhrmann@xpecto.com> wrote on 25.10.2002 12:00:18:

> On Thu, 2002-10-24 at 16:24, Kristján Bjarni Guðmundsson wrote:
> > I use custom error pages for various error codes (404. etc),  all of 
them
> > work except 401 error.
> >
> > If I go to a protected page the browser just displays the 401 page 
without
> > prompting me
> > to log in. What am I doing wrong?

> Short answer: nothing

> Tomcat sends that pages with response code 200. I consider this a bug.

> If You want tomcat to send You 401-page with a 401 code You have to
> use a JSP which sets the response code manually:

> ...
> <% response.setStatus(response.SC_UNAUTHORIZED);
> response.setHeader("WWW-Authenticate", "BASIC realm=\"restricted\"");
> %>
> ...

> It is a hack but at least it is working.

> hth,

> Hans

> 
> --
> To unsubscribe, e-mail:   <
mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <
mailto:tomcat-user-help@jakarta.apache.org>
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message