On 20/09/2011 08:31, Manger, James H wrote: > The manager and host-manager apps included with Tomcat 7.0.21 are both: > * configured to use BASIC authentication; and > * configured with a custom error page for 401 (unauthenticated) error codes. > However, the customer error page is never used by Tomcat. > > tomcat/webapps/[host-]manager/WEB-INF/web.xml has > ... > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>Tomcat Manager Application</realm-name> > </login-config> > ... > <error-page> > <error-code>401</error-code> > <location>/WEB-INF/jsp/401.jsp</location> > </error-page> > > The 401.jsp file has lots of useful information that would be helpful to > display to a user if they cancel their browser's BASIC login prompt. > > A custom 401.jsp file worked with BASIC in Tomcat 5.5.23. > > Is 401.jsp supposed to be used in the manager and host-manager apps? > Or is it a relic that should be removed? > Or is it kept for cases where a different style of authentication is > configured that might use 401.jsp?
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Currently the 4th entry for 7.0.22 Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
