I’m using a (simple) basic authentication within my servlet which works well for the

Question

0

Asked: June 4, 20262026-06-04T12:52:44+00:00 2026-06-04T12:52:44+00:00

I’m using a (simple) basic authentication within my servlet which works well for the

0

I’m using a (simple) basic authentication within my servlet which works well for the Jetty 7.6 server but with Tomcat 6.0.35 I’m getting an error while trying to send the unauthorized response to show the username/password form in browser:

java.lang.IllegalStateException
org.apache.catalina.connector.ResponseFacade.sendError(ResponseFacade.java:421)

The code in my servlet looks like this:

response.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);

The error occurs on line two of the code sample.
I’m not using the <security-constraint> in the web.xml. It should be a very, very simple authentication.

Any idea why Tomcat is not working but Jetty does?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-04T12:52:45+00:00

Editorial Team

2026-06-04T12:52:45+00:00Added an answer on June 4, 2026 at 12:52 pm

Ensure:

You do not have any filters that are producing output before your servlet runs
You are only calling response.setStatus/response.sendError one time during the request
You aren’t flushing the response buffer

Any of the above can commit the response before you were expecting it.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m using a (simple) basic authentication within my servlet which works well for the

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply