401 unauthorized webscript
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2008 01:11 PM
thanks
- Labels:
-
Archive
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2008 03:10 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2008 03:22 PM
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2008 03:46 PM
You could tell Tomcat to redirect instead via web.xml
<web-app> <error-page> <error-code>401</error-code> <location>/error401.jsp</location> </error-page>…<web-app>
Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2008 03:53 PM
![t_broyer t_broyer](https://connect.hyland.com/legacyfs/online/avatars/Blue-user-logo.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2008 04:34 AM
In case the /401.ftl isn't found (which is the case by default), it defaults to /status.ftl
This will be used even for non-DeclarativeWebScripts (Java-backed web scripts for instance)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2008 10:56 AM
=============
HTTP Status 401 -
type Status report
message
description This request requires HTTP authentication ().
Apache Tomcat/5.5.23
==============
Mark,
Finally I also tried the web.xml configuration but seems like even that doesnt work for the alfresco webapp. It works for other web applications though. Any ideas?
Appreciate all the help guys.
Thanks
![t_broyer t_broyer](https://connect.hyland.com/legacyfs/online/avatars/Blue-user-logo.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2008 11:19 AM
It actually totally depends on the authenticator being used, as it has to send back the authentication challenge (WWW-Authenticate for HTTP auth, redirect to the login page for Web-Client auth (see below)).
So if you really want to control the 401 content, you'd be better writing your own org.alfresco.web.scripts.Authenticator and setting it up in the web.xml (either replacing the BasicHttpAuthenticator for /alfresco/s and /alfresco/service, or defining your own URI space).
For instance, I quite easily put in place something similar to this proposal in a new, distinct URI space (this would IMO be The Right Way™ to do the Web-Client authentication BTW).
As a side note, the WebScriptRuntime is broken wrt HTTP (at least in 2.2, I didn't check in 3.0) as it sends back 401s (without WWW-Authenticate!) instead of 403s in the following cases:
- the web script requires authentication (either user or admin) but is called with ?guest=true
- the web script requires admin privileges be the authenticated user isn't an admin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2008 12:03 PM
Thanks
![t_broyer t_broyer](https://connect.hyland.com/legacyfs/online/avatars/Blue-user-logo.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2008 04:12 AM
![](/skins/images/A90266AC6EB1934BC937DAFB2842964E/responsive_peak/images/icon_anonymous_message.png)