https://bz.apache.org/bugzilla/show_bug.cgi?id=59708
--- Comment #5 from Mark Thomas <ma...@apache.org> --- Yes, authentication is now always checked so Tomcat can vary the behaviour during a lock out depending on whether the authentication credentials provided were valid or not. For more details, you can always look at the source: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java?view=annotate -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
