|Summary:||use_server_errors for status 401 does not forward WWW-Authenticate|
|Product:||Tomcat Connectors||Reporter:||Rainer Jung <rainer.jung>|
|Component:||isapi||Assignee:||Tomcat Developers Mailing List <dev>|
Description Rainer Jung 2011-05-24 08:06:19 UTC
When using server generated error pages (use_server_errors) and status code is 401, we need to forward the original WWW-Authenticate header to the client. For example mod_proxy does it that way. I fixed the problem in r1126561 for mod_jk / Apache. I didn't yet fix it completely for IIS. There is a new TODO in jk_isapi_plugin.c, see "start_response()". If anyone likes to fix it for ISAPI, there is already parts of the fix in start_response(), but the missing part is described in the following TODO around line 960: TODO: we need to save a copy of header_values[h] for later reuse in write_error_message() which is called later on form HttpExtensionProc because of use_server_error_pages. Actually I didn't verify the problem for ISAPI, so that might be a good first step. Regards, Rainer
Comment 1 Mladen Turk 2011-11-08 18:35:28 UTC
Implemented IIS version of the patch. Closing the issue.