tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jill Han" <jill....@alverno.edu>
Subject RE: customize HTTP Status 401 error page
Date Thu, 23 Apr 2009 20:19:39 GMT
Here is web.xml
<web-app>
  <display-name>Faculty Resources</display-name>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>FACRES</web-resource-name>
      <url-pattern>*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>CN=FacultyStaff,OU=Groups,OU=EMP,DC=AC</role-name>
    </auth-constraint>
  </security-constraint>  
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>TESTING</realm-name>  
  </login-config> 
   <error-page>
    <error-code>401</error-code>
    <location>/error.html</location>
  </error-page> 
  
  <security-role>
    <role-name>CN=FacultyStaff,OU=Groups,OU=EMP,DC=AC</role-name>
  </security-role>

  <session-config>
    <session-timeout>2</session-timeout>
  </session-config>  
</web-app>

Yes, if it is run on Window, no credential window was prompted, but instead, the error.html
However, if it is run on Linux, credential window was prompted, but, if unsuccessful, or clicking
"Cancel", 401 error message still show up. <error-page> was ignored.

Jill
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net] 
Sent: Thursday, April 23, 2009 2:55 PM
To: Tomcat Users List
Subject: Re: customize HTTP Status 401 error page

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jill,

On 4/23/2009 1:20 PM, Jill Han wrote:
> I still need helps.
> Here is the web.xml
> ...
> <login-config>
>     <auth-method>BASIC</auth-method>
>     <realm-name>TESTING</realm-name>  
>   </login-config>
>  
>    <error-page>
>     <error-code>401</error-code>
>     <location>/error.html</location>
>   </error-page>
> ...
> The error.html is replaced the 401 error message, however there will be no authentication
window prompted, error.html is somehow loaded all the time.

What do your <security-constraint> elements look like?

Are you saying you are getting a 401 response but never being asked for
your credentials?

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAknwx6UACgkQ9CaO5/Lv0PBfLACfU2OGHvHDUX0qeCeaIVoRoJz9
rO4AoK5hbI7c96Dz31J0ZCaOhLzgPcaS
=xKJK
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Mime
View raw message