Thank you for your reply. I figured it out...someone had put a security
constrain on "/" which meant everything ended up passing through the form
authenticator. Once I removed the constraint everything started working.
So yay for me.
=========================================================
The major difference between a thing that might go wrong and a thing that
cannot possibly go wrong is that when a thing that cannot possibly go wrong
goes wrong it usually turns out to be impossible to get at or repair
---* Douglas Adams*
On Thu, Apr 18, 2013 at 11:16 AM, Cédric Couralet <cedric.coura...@gmail.com
> wrote:
> Hello,
>
> Without knowing how are your security-constraint, and where are the
> css file, I don't think anyone could help you.
>
> Did you try as a last measure to force css file to pass through the
> authentification, something as :
> <security-constraint>
>
> <web-resource-collection><url-pattern>*.css</url-pattern></web-resource-collection>
> </security-constraint>
>
> (probably not a valid security-constraint, just to give the idea)
>
> I did this kind of thing for the favicon. We had a webapp entirely
> protected by form authentication and on firefox after authentication
> we were directed to the favicon.ico (when one existed). Firefox seems
> to get the favicon after the first request even when the status is
> 401... So we had to add a special security-constraint for the favicon
> for our application to work correctly and correct that firefox
> behavior (I want to say bug, but I'm sure there is a very good
> explanation for this :).
>
>
>
> 2013/4/18 Barbara Newton <barbara.new...@gmail.com>:
> > This is driving me crazy! I have configured from authentication in my
> > web.xml with a number of security constraints. None of the constraints
> map
> > to any CSS files. However, when I bring up the application the CSS files
> > are hitting the authentication. Since my form has styling this is a
> > problem of the chicken-and-egg sort since the CSS files are not
> > authenticated yet.
> >
> > On top of that, when I do successfully authenticate, the CSS file is the
> > one that has been saved by the authenticator and is the one that is
> > returned so the browser just brings up the raw CSS file.
> >
> > Any thoughts? Ideas?
> >
> > =========================================================
> > The major difference between a thing that might go wrong and a thing that
> > cannot possibly go wrong is that when a thing that cannot possibly go
> wrong
> > goes wrong it usually turns out to be impossible to get at or repair
> > ---* Douglas Adams*
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
