tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shilpa Arora <>
Subject Re: Error 404: file not found while using BASIC HTTP Authorization
Date Fri, 19 Jan 2007 20:07:22 GMT

We also tried another thing. Our *web.xml* was for a Struts application, 
so we had following tags in it.


We commented out all such tags and the application worked fine i.e. it 
prompted us for the login and we were able to see *about.html*.
But for our struts application we need these *taglib *tags. So, does it 
mean, this BASIC authentication is not compatible with struts? Or is 
there some alternative way of specifying things for Struts.

Pls advise.

Thanks and Regards,

Shilpa Arora wrote:
> Thanks Christopher for the quick reply. Pls, see my answer to your 
> questions below:
> Christopher Schultz wrote:
>> Hash: SHA1
>> Shilpa,
>> Shilpa Arora wrote:
>>>  <security-constraint>
>>>    <web-resource-collection>
>>>      <web-resource-name>register-ucr</web-resource-name>
>>>      <url-pattern>/pages/about.html</url-pattern>
>>>    </web-resource-collection>
>>>    <auth-constraint>
>>>      <role-name>manager</role-name>
>>>    </auth-constraint>
>>>  </security-constraint>
>>>  <login-config>
>>>    <auth-method>BASIC</auth-method>
>>>    <realm-name>register-ucr</realm-name>
>>>  </login-config>
>> This configuration looks okay.
>>> When we try to access the page we give in <url-pattern>, we get an error
>>> in IE, error 404: file not found.
>> Where is your file? Is it possible that your file is in the wrong place?
>> Is the 404 error being returned by Tomcat or are you using Apache httpd
>> to serve static pages?
> The file is in at correct place as page shows up fine if no security 
> constraint is used and we are NOT using httpd to serve static pages.
>>> And when we simply give
>>> *<url-pattern>/*</url-pattern>* , strange thing is it doesn't prompt
>>> the user name and just shows us the page directly with no error as if
>>> there was no change.
>> Once you login once with BASIC authentication, you are basically logged
>> in until you close your browser. Have you tried that? Or, use a
>> different browser or another separate instance of MSIE in order to test?
>> I know that I've made similar mistakes when testing this kind of
>> thing... the browser and server agree that you /are/ logged-in, but you
>> don't think you should be.
> We tried closing the browser and reopening and also tried using a 
> separate instance of MSIE. We have been trying with both Mozilla and MSIE.
>>> We also made change in server.xml of tomcat. Where we commented the
>>> UserDatabaseRealm reference and uncommented the MemoryRealm reference.
>> The choice of realm should not matter (assuming that the allowed users
>> are the same). Once you are logged-in using BASIC auth, changing the
>> realm won't affect anything (since you are already logged-in).
> But when do we actually login with the BASIC auth. It never prompted 
> us for anything.
>>> In our application, we are using Struts as well.
>> Struts should not be interfering, here. As you pointed out, you are
>> trying to serve a static file (about.html), so Struts should not be
>> involved.
> its a struts application and about.html is one static page we tried 
> thinking it would be a base case to get working first.
>> - -chris
> Thanks for your help.
> Regards,
> Shilpa
>> Version: GnuPG v1.4.6 (MingW32)
>> Comment: Using GnuPG with Mozilla -
>> iD8DBQFFsRHB9CaO5/Lv0PARAji5AJ92i0i316q2U7uvMl/qglN6UiCRUQCfXeT5
>> o4MkaZfjF6ZTJIt4/Gx1lTM=
>> =Z9ZD
>> -----END PGP SIGNATURE-----
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail:
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message