>On 20/09/2011 08:31, Manger, James H wrote: >> The manager and host-manager apps included with Tomcat 7.0.21 are both: >> * configured to use BASIC authentication; and >> * configured with a custom error page for 401 (unauthenticated) error codes. >> However, the customer error page is never used by Tomcat. >> >... >> The 401.jsp file has lots of useful information that would be helpful to >> display to a user if they cancel their browser's BASIC login prompt.
> http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml > > Currently the 4th entry for 7.0.22 > > Mark Great! I confirmed 401.jsp is being used properly in 7.0.20. I couldn't find any release schedule for 7.0.22 (with the fix) at the Tomcat web site. Are tentative release dates listed anywhere? Tomcat releases appear to be frequent enough (about monthly, thanks!!) that a date for the next release is not too crucial, but it would be nice to have an estimate now that I know it includes a fix I want. P.S. Thanks for making it unnecessary to include the following line in 401.jsp: response.setHeader("WWW-Authenticate", "Basic ..."); It was removed from 401.jsp in March 2011 (revision 1084109). I am not sure which change made it unnecessary (and if the change includes the 5.x and/or 6.x branches). -- James Manger --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
