When opening the login page form your browser during invocation of applications that include JSPs, you are not prompted to login
 Technote (troubleshooting)
 
Problem(Abstract)
Instead of being asked for a user ID and password, you get a 401 error in the browser.

All other applications work correctly, including prompting for user ID and password as expected.

A common attribute of the failing application is the use of JSP™s. When JSPs are removed from the application, you are prompted for your user ID and password.

These applications worked correctly in WebSphere® Application Server V4.0.x. The problems with JSPs started after deploying applications in WebSphere Application Server V5.0.x.
 
Cause
WebSphere Application Server V4 used Servlet Specification 2.2 and WebSphere Application Server V5 uses Servlet Specification 2.3.
In Servlet Specification 2.3, section SRV.12.2 Declarative Security, describes how forwards and includes cannot be secured. The application forwards to an error page.
 
Resolving the problem
Update the application to conform to Servlet Specification 2.3.
http://java.sun.com/products/servlet/reference/api/index.html
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0
Software edition:
Reference #: 1172980
IBM Group: Software Group
Modified date: Jun 25, 2004