tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Realm.authenticate() failure
Date Fri, 18 Feb 2000 07:52:20 GMT
> provide users the better. Is it normal program flow to receive an
> invalid username / password/cert ?. I think it could be argued that
> these are "exceptional situations". I don't want to argue symantics but
> provide an answer to the problem.

Yes, the first time you access a "protected" page you'll have no
user/password, and you'll be "un-authorized". Is it an exception ? 
That's how HTTP was designed and it's part of the normal flow.

I agree we need to pass back the "reason", but not as an exception. 


View raw message