[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: error 401

jaikiran do-not-reply at jboss.com
Fri Aug 15 03:18:48 EDT 2008


anonymous wrote :  <error-page>
  | <error-code>401</error-code>
  | /errorpages/mypage401.html
  | </error-page>
  | 
  | I get an HTTP 401 error every time I try to access a protected page (the auth-method is BASIC). To fix the problem, all I have to do is remove the <error-page> definition. 

I'm not an expert in this. But i think, you are configuring the error-page for an incorrect code (401). I guess, what you want is a custom page to be shown when the authentication fails. Isnt it? In that case, you should be configuring the error-page for error-code 403.

I re-iterate, i am not an expert at this, but from what i read from a thread:

anonymous wrote : 
  | Basically a browser will always first request a password protected page without authentication details, and your server must always react to that with a 401. (or the user won't get a chance to authenticate) When a browser gets a 401 response it will prompt the user for a username and password, and retry the request, this time with an
  |  authentication header added. This for a number of times, set in the browser.

So if you are redirecting the 401 to your custom page, the browser will have no chance to bring up the authentication pop-up.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4170701#4170701

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4170701



More information about the jboss-user mailing list