tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From daniel steel <sec...@yahoo.com>
Subject Re: tomcat security and window open js
Date Wed, 06 Aug 2008 15:08:37 GMT
All,

   i found some interesting results by changing role defined
under security-constraint. if we defined tomcat as the role-name, then
window.open fails but if i change the role-name to manager, window.open
works. why?



      <security-constraint> 

      <auth-constraint>

            <role-name>manager</role-name>

        </auth-constraint>

</security-constraint>



thanks

dan



p.s. chris, your reply to earlier email was blank and so i am not sure if you had answered
the above question.

--- On Tue, 7/29/08, daniel steel <secc77@yahoo.com> wrote:
From: daniel steel <secc77@yahoo.com>
Subject: tomcat security and window open js
To: users@tomcat.apache.org
Date: Tuesday, July 29, 2008, 1:10 PM

all, 

  we are having issues with IE(?) - javascript - window.open
function and tomcat. When we deploy tomcat with basic authentication
security enabled and  in our jsp when ever we call 



window.open(url,.....), it asks for username / password (authetication) again.



how do we over come this? is this issue with IE or this is how http
basic authentication works? if we try new window (ctrl + N) and paste
the new jsp url, it works fine.



i don't think its relavant to this, i tried setting up valve and it
didn't work.



https://issues.apache.org/bugzilla/show_bug.cgi?id=44527



thanks

dan






      


      
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message