tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Felipe" <>
Subject RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed
Date Mon, 10 Feb 2003 16:08:42 GMT
Yes. I have defined the user, password and role and everything else needed
to make it work on tomcat. What seems to be the problem is that IIS is
trying to authenticate the user by itself instead of forwarding the
user/password information to tomcat. (It allow me to try 3 times and then
give me the "Unauthorized: Logon Failed" error page regardless the valid
user and password).

I know the ISAPI filter is working because if I remove the security
constraint from tomcat I can get to it and I know the tomcat security
constraint is working because if I can get to it using the "stand alone"

Have you seen this scenario working before? I found some posts with this
issue but no reply to any of them.


-----Original Message-----
From: Sean Dockery [] 
Sent: Monday, February 10, 2003 8:05 AM
To: Tomcat Users List
Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed

Where have you defined the user and password that you believe you should be
a valid user?  What is the role constraint that you have defined on the web
resource?  Is the user in question set up for that role?

Sean Dockery
Certified Java Web Component Developer
Certified Delphi Programmer
SBD Consultants

----- Original Message -----
From: "Felipe Crochik" <>
To: <>
Sent: Sunday, February 09, 2003 21:34
Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed

> I am trying to use the tomcat security constraints "behind" an IIS web
> server. I know tomcat and the ISAPI filter are working. Also, Tomcat
> authorization is working bypassing IIS using port 8080.
> When I try to reach the exactly same application through IIS (port 80) I
> get the user validation dialog box and after I try to login with a valid
> user and password I get HTTP 401.1 - Unauthorized: Logon Failed.
> TIA,
> Felipe

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message