tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manger, James H" <>
Subject manager and host-manager have 401.jsp that is not used
Date Tue, 20 Sep 2011 07:31:50 GMT
The manager and host-manager apps included with Tomcat 7.0.21 are both:
* configured to use BASIC authentication; and
* configured with a custom error page for 401 (unauthenticated) error codes.
However, the customer error page is never used by Tomcat.

tomcat/webapps/[host-]manager/WEB-INF/web.xml has
    <realm-name>Tomcat Manager Application</realm-name>

The 401.jsp file has lots of useful information that would be helpful to display to a user
if they cancel their browser's BASIC login prompt.

A custom 401.jsp file worked with BASIC in Tomcat 5.5.23.

Is 401.jsp supposed to be used in the manager and host-manager apps?
Or is it a relic that should be removed?
Or is it kept for cases where a different style of authentication is configured that might
use 401.jsp?

I hope I can provide a custom message when a user cancels a BASIC login. The manager and host-manager
apps appear to try to do what I want. But they don't work.

James Manger

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message