[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: error 401
do-not-reply at jboss.com
Fri Aug 15 03:18:48 EDT 2008
anonymous wrote : <error-page>
| I get an HTTP 401 error every time I try to access a protected page (the auth-method is BASIC). To fix the problem, all I have to do is remove the <error-page> definition.
I'm not an expert in this. But i think, you are configuring the error-page for an incorrect code (401). I guess, what you want is a custom page to be shown when the authentication fails. Isnt it? In that case, you should be configuring the error-page for error-code 403.
I re-iterate, i am not an expert at this, but from what i read from a thread:
anonymous wrote :
| Basically a browser will always first request a password protected page without authentication details, and your server must always react to that with a 401. (or the user won't get a chance to authenticate) When a browser gets a 401 response it will prompt the user for a username and password, and retry the request, this time with an
| authentication header added. This for a number of times, set in the browser.
So if you are redirecting the 401 to your custom page, the browser will have no chance to bring up the authentication pop-up.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4170701#4170701
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4170701
More information about the jboss-user