Bug 51253 - use_server_errors for status 401 does not forward WWW-Authenticate
Summary: use_server_errors for status 401 does not forward WWW-Authenticate
Alias: None
Product: Tomcat Connectors
Classification: Unclassified
Component: isapi (show other bugs)
Version: 1.2.31
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2011-05-24 08:06 UTC by Rainer Jung
Modified: 2017-09-01 00:20 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Rainer Jung 2011-05-24 08:06:19 UTC
When using server generated error pages (use_server_errors) and status code is 401, we need to forward the original WWW-Authenticate header to the client. For example mod_proxy does it that way.

I fixed the problem in r1126561 for mod_jk / Apache. I didn't yet fix it completely for IIS. There is a new TODO in jk_isapi_plugin.c, see "start_response()". If anyone likes to fix it for ISAPI, there is already parts of the fix in start_response(), but the missing part is described in the following TODO around line 960:

TODO: we need to save a copy of header_values[h]
for later reuse in write_error_message()
which is called later on form HttpExtensionProc
because of use_server_error_pages.

Actually I didn't verify the problem for ISAPI, so that might be a good first step.


Comment 1 Mladen Turk 2011-11-08 18:35:28 UTC
Implemented IIS version of the patch.
Closing the issue.