tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Basic authentication without a secure connection
Date Mon, 04 May 2009 05:54:16 GMT
Tokajac wrote:
> I think my idea would be scenario 4.)
> I want to:
> 1.) 
> Open a browser and write Tomcat application's address
> (localhost:8080/myapp);
> 2.) 
> Write username and password in login fields of the application;
> 3.) 
> Save credentials in session after successful login;
> 4.)
> Have link to completely separate application on newly opened page; 
> 5.)
> When link is clicked, request should be sent that contains row:
> "Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
> Login username and password would be the same for both applications.
> On this way, I don't need to type username and password again;
> 6.)
>>>From now on, php application is on-board and Tomcat can be forgotten (it
> remains reachable only via browser's Back button);
The question is still, why was it even there in the first place ?
> I will look now after httpd that you mentioned, awarnier.
 From what you write above, there is still a part that you do not 
understand properly.  I would recommend that, before you start spending 
time on looking up httpd or designing your application, you first do as 
follows :
- get Firefox
- install the plugin named "HttpFox"
- in Firefox, start HttpFox
- look in the HttpFox window, to see what happens between the browser 
and the server
- then access your php application server
- look in the HttpFox window
- login
- look again in the HttpFox window
- in the browser, go to
- look in the HttpFox window
- in the browser, go back to the php application
   (Oh, you are logged in again, without re-entering user-id/password !)
   (even if you force a reload of the page)
- look in the HttpFox window

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message