URL:
http://localhost:8080/auth/jsp/
Here are the requests headers as it will be send by the browser, and the responses headers as it will be send back by Tomcat:
-
First, the browser will send these headers as part of the request:
GET /auth/jsp/ HTTP/1.1
Host: localhost:8080
...
-
Second, Tomcat will send back these headers as part of the response (401 Unauthorized):
HTTP/1.1 401
WWW-Authenticate: Basic realm="UserDatabase"
...
-
When you fill your username/password and you click the "Log In" button, the browser will send these headers as part of the request:
GET /auth/jsp/ HTTP/1.1
Host: localhost:8080
Authorization: Basic dG9tY2F0OnRvbWNhdA==
...
-
Then Tomcat will send back these headers as part of the response (200 OK):
HTTP/1.1 200
Set-Cookie: JSESSIONID=A5A77952719D6CAB6C908C9010ED3F87;path=/abc/;HttpOnly
...
Notes:
You can decode the encoded values ent by the browser (
Authorization: Basic dG9tY2F0OnRvbWNhdA==) by using the following Java code:
byte[] decodedValue = Base64.getDecoder().decode("dG9tY2F0OnRvbWNhdA==");
System.out.println(new String(decodedValue, "UTF-8"));
Output:
tomcat:tomcat
You can also use the following web site:
https://www.base64decode.org