I have configured RSA Access Manager to protect two URLs. The first one works the second one does not. I have tried to configure both in exactly the same way.
My authentication flows through a custom login dialog. When I go to the first URL I am prompted for a user name and password by my custom login dialog. If I provide correct credentials I can see the content. That is, the Apache access_log shows http code 200 for all the artifacts needed to display the page.
When I go to the second URL it begins well. I'm prompted for user id and password in my custom login dialog. When I provide the correct credentials, alas, I see a basic login from Firefox:
Authentication Required - Mozilla Firefox
http://mywebsite.com is requesting your user name and password. The site says: "CT"
The access_log shows a 401 code. The headers sent to Firefox show WWW-Authenticate: Basic realm="CT"
The URL that works is a simple website (actually the content of the RSA developer's guide). The URL that does not work is hosted in WebLogic. Apache is running the WebLogic proxy that makes these resources appear to local to Apache.
How can I configure Access Manager to suppress this basic dialog (i.e. stop sending WWW-Authenticate: Basic header)? Please note: If I answer the basic dialog I get another one with a realm reference of "weblogic". If I answer that, Firefox displays: Error 401--Unauthorized
Kind regards. Please stay safe.