-
1. Re: error 401
edgoquist Aug 14, 2008 2:29 PM (in response to edgoquist)( the < description > tag didn't show up correctly in the above post. it belongs under the web-resource-name.)
-
2. Re: error 401
peterj Aug 14, 2008 4:39 PM (in response to edgoquist)Please use code tags when posting XML text (select the text, click the Code button under the editor window). And prereview the post before submitting it.
You do realize that there is already ROOT.war at deploy/jboss-web.deployer? I wonder what kind of conflicts you are running into between these two...
What is the exact URL you are entering?
Also, are you saying that the browser is not displaying the login dialog? If not, what browser? -
3. Re: error 401
edgoquist Aug 14, 2008 8:12 PM (in response to edgoquist)"PeterJ" wrote:
You do realize that there is already ROOT.war at deploy/jboss-web.deployer? I wonder what kind of conflicts you are running into between these two...
I'm familiar with it but ... well it's a long story that involves other people. We haven't noticed any conflicts using 4.0.4. (where ROOT.war is under jbossweb-tomcat55.sar) and we've been using that version of jboss for 5+ years."PeterJ" wrote:
What is the exact URL you are entering?
i'm accessing it via this href:<a href="/protected">protected</a>
"PeterJ" wrote:
Also, are you saying that the browser is not displaying the login dialog? If not, what browser
Yep. i'm using IE.
My ultimate goal is to upgrade to 4.2 so I can do programmatic login/logout using WebAuthentication.
thanks for your help Peter. -
4. Re: error 401
jaikiran Aug 15, 2008 3:18 AM (in response to edgoquist)<error-page>
<error-code>401</error-code>
/errorpages/mypage401.html
</error-page>
I get an HTTP 401 error every time I try to access a protected page (the auth-method is BASIC). To fix the problem, all I have to do is remove the <error-page> definition.
I'm not an expert in this. But i think, you are configuring the error-page for an incorrect code (401). I guess, what you want is a custom page to be shown when the authentication fails. Isnt it? In that case, you should be configuring the error-page for error-code 403.
I re-iterate, i am not an expert at this, but from what i read from a thread:
Basically a browser will always first request a password protected page without authentication details, and your server must always react to that with a 401. (or the user won't get a chance to authenticate) When a browser gets a 401 response it will prompt the user for a username and password, and retry the request, this time with an
authentication header added. This for a number of times, set in the browser.
So if you are redirecting the 401 to your custom page, the browser will have no chance to bring up the authentication pop-up. -
5. Re: error 401
edgoquist Aug 15, 2008 12:17 PM (in response to edgoquist)That sounds brilliant except that when the login attempt finally fails (after 3 tries) it fails with error 401 - not 403.
Thank you though. You've given me a clue. -
6. Re: error 401
jaikiran Aug 15, 2008 12:25 PM (in response to edgoquist)Now that you have got the login pop-up appear, the next option to debug is to enable the JBoss Security level logging. See Q4 at http://wiki.jboss.org/wiki/SecurityFAQ to see how that can be done.
-
7. Re: error 401
garfield168 Feb 4, 2009 3:19 PM (in response to edgoquist)I have exactly the same problem. Is there a solution for JBoss 4.2.3?
The same configuration works in JBoss 5.0 !
Thanks