tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Schoenwald <>
Subject Configuring Tomcat 4.1.18 to handle 401 http errors
Date Tue, 25 Feb 2003 09:18:23 GMT
  Good morning!

some days ago I already asked a question regarding this context, but I 
had some time to
dive a bit into the Servlet API 2.3 Specification. So far, it seems that 
the specification states
that the container, not the servlet, is the layer attached to the 
client. And the container,
not the servlet, controls, which and how any http errors created by a 
servlet within the container
are handled, mapped and sent back to the client.

Some digging in the catalina source code retrieved that
in "" there is a method finishResponse where the 
handling of
every HTTP error >= 400 is hard-coded to be transformed into a simple, 
valid html-page with
a plainly written error summary.

However, we need the http error 401 to be send 'as is' to the client. It 
doesn't have to be directly,
but the container should not catch this error and create an html page 
out of it.

Does someone know how I can achieve this? Or has the Servlet API changed 
the communication
protocol so far that this is just no longer possible without violating 
the standard?
In that case, how SHOULD a servlet invalidate the current authentication 
so that the currently
buffered authentication data (buffered by the client/browser) are no 
longer accepted and the browser
is forced to ask the user again for authentication?

Thank you in advance,

Oliver Schönwald

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message