I have a servlet application deployed on a tomcat 7.0 server (call it Server

Question

0

Asked: May 22, 20262026-05-22T22:31:49+00:00 2026-05-22T22:31:49+00:00

I have a servlet application deployed on a tomcat 7.0 server (call it Server

0

I have a servlet application deployed on a tomcat 7.0 server (call it Server A) . The app will take user’s credential and pass it to another server (Server B) to retrieve data.

Problem:

user Alice from machine 1 logged into Server A. Server A uses Alice’s credential to access Server B. getPasswordAuthentication () is used to pass Alice’s credential to Server B. Subsequently, user Bob from machine 2 logged into Server A. Server A will continue to use Alice’s credential to access Server B. I noticed that getPasswordAuthentication () is not invoked for user Bob.

Is there a way to force authentication every time when Server A tries to access Server B?
ps: If restart the tomcat on Server A, authentication will be performed for the first request to Server B after the restart.

Your feedback is greatly appreciated.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-22T22:31:50+00:00

Editorial Team

2026-05-22T22:31:50+00:00Added an answer on May 22, 2026 at 10:31 pm

you need to explicitly clear the cache prior to access server b’s resources by using AuthCacheValue.setAuthCache(new AuthCacheImpl());

This is because the credentials are cached by default and there is no configuration to specify caching behavior.

import sun.net.www.protocol.http.AuthCacheValue;
import sun.net.www.protocol.http.AuthCacheImpl;
[....]
AuthCacheValue.setAuthCache(new AuthCacheImpl());

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a servlet application deployed on a tomcat 7.0 server (call it Server

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply