DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=34251>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34251 Summary: Error 401 behaves differently when error-page is specified Product: Tomcat 5 Version: 5.0.24 Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Unknown AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] I belive that this case is not covered by bugs 13430 and 18040. I am using Basic Authentication and generating an error 401. This correctly prompts for username/password when there is not error-page specified. If I then add <error-page> <error-code>401</error-code> <location>/WEB-INF/jsp/error401.jsp</location> </error-page> to specify an error page the prompt for username/password is not generated and the specified jsp is shown immediately. This is because the WWW-Authenticate header is not sent. A workaround for is to add the header in the jsp: <% response.setHeader("WWW-Authenticate", "Basic realm=\"Blog Maintenance\""); %> This case does not appear to be covered in the Servlet 2.4 specification. I believe that this is actually a bug because there is different behaviour between when the error-page is specified or not. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
