Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 60654 invoked from network); 25 Feb 2003 09:18:39 -0000 Received: from exchange.sun.com (192.18.33.10) by daedalus.apache.org with SMTP; 25 Feb 2003 09:18:39 -0000 Received: (qmail 21865 invoked by uid 97); 25 Feb 2003 09:20:26 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@nagoya.betaversion.org Received: (qmail 21858 invoked from network); 25 Feb 2003 09:20:26 -0000 Received: from daedalus.apache.org (HELO apache.org) (208.185.179.12) by nagoya.betaversion.org with SMTP; 25 Feb 2003 09:20:26 -0000 Received: (qmail 59115 invoked by uid 500); 25 Feb 2003 09:18:16 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 59102 invoked from network); 25 Feb 2003 09:18:16 -0000 Received: from oak.fernuni-hagen.de (132.176.114.41) by daedalus.apache.org with SMTP; 25 Feb 2003 09:18:16 -0000 Received: from amavis by oak.FernUni-Hagen.de with scanned-ok (Exim 4.04) id 18nbEK-0006Q5-00 for tomcat-user@jakarta.apache.org; Tue, 25 Feb 2003 10:18:28 +0100 Received: from ithaka.fernuni-hagen.de ([132.176.113.33] helo=FernUni-Hagen.de) by oak.FernUni-Hagen.de with esmtp (Exim 4.04) id 18nbEF-0006PJ-00 for tomcat-user@jakarta.apache.org; Tue, 25 Feb 2003 10:18:23 +0100 Message-ID: <3E5B34DF.8030808@FernUni-Hagen.de> Date: Tue, 25 Feb 2003 10:18:23 +0100 From: Oliver Schoenwald Organization: FernUniversitaet Hagen User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: Tomcat Users List Subject: Configuring Tomcat 4.1.18 to handle 401 http errors Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Scanned: by AMaViS perl-11 X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Good morning! some days ago I already asked a question regarding this context, but I had some time to dive a bit into the Servlet API 2.3 Specification. So far, it seems that the specification states that the container, not the servlet, is the layer attached to the client. And the container, not the servlet, controls, which and how any http errors created by a servlet within the container are handled, mapped and sent back to the client. Some digging in the catalina source code retrieved that in "HttpResponseBase.java" there is a method finishResponse where the handling of every HTTP error >= 400 is hard-coded to be transformed into a simple, valid html-page with a plainly written error summary. However, we need the http error 401 to be send 'as is' to the client. It doesn't have to be directly, but the container should not catch this error and create an html page out of it. Does someone know how I can achieve this? Or has the Servlet API changed the communication protocol so far that this is just no longer possible without violating the standard? In that case, how SHOULD a servlet invalidate the current authentication so that the currently buffered authentication data (buffered by the client/browser) are no longer accepted and the browser is forced to ask the user again for authentication? Thank you in advance, Oliver Sch�nwald --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org