https://bz.apache.org/bugzilla/show_bug.cgi?id=59708
--- Comment #5 from Mark Thomas <ma...@apache.org> ---
Yes, authentication is now always checked so Tomcat can vary the behaviour
during a lock out depending on whether the authentication credentials provided
were valid or not.

For more details, you can always look at the source:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java?view=annotate

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to