-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To whom it may concern,

On 1/14/2010 11:20 AM, cgswtsu78 wrote:
> I have tomcat based application that is invoked from the apache side through
> mod_jk.  I've setup basic auth on the apache side and the very first request
> to tomcat works as expected (challenged when not logged in, not challenged
> when logged in), but any subsequent request and an http status code of 401
> (auth failure) is encountered.

It sounds like your URL path is changing. If you authenticate to, say,
/foo/bar/baz and the realm path is /foo/bar then forward to
/qux/quux/corge, then the user will get another 401 response.

> One recommendation is that the tomcat
> application adds a header containing the credentials to each request and i
> present in all requests for a given realm.  Does anyone know how to
> accomplish this?

So, you're not happy with the existing HTTP WWW-Authenticate header
which is supposed to do this exact thing?

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAktQjf0ACgkQ9CaO5/Lv0PBTkwCfS5D0KcEvqwytpZSGrVtTUb3n
NVAAnjklDx2VE3VUwSXDSX3Lf1BZ5Lkd
=KshQ
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to