tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <>
Subject Re: Question about BASIC Authentication
Date Thu, 01 Jul 2010 07:31:06 GMT
On 01/07/2010 02:30, Christopher Schultz wrote:
> Matthew,
> On 6/30/2010 8:20 PM, Matthew Mauriello wrote:
>> The behavior seems rather strange to me in fact, I've seen other websites
>> run on what looks to be BASIC Authentication without popping these browser
>> messages when leaving secured sections.
> Most websites use HTTP AUTH consistently, at least for a particular URL
> prefix.
>> See the is only used once and it
>> might actually be I have to look
>> into this.
>> I feel like the authentication cookie is being created for the user and
>> then being forwarded to every page the user visits after that.

BASIC auth doesn't create an authentication cookie does it?  The browser
sends an 'Authorization' header instead.


>> I am hoping to find some way of preventing this behavior.
> Well, for starters, what web browser are you using? Can you give me a
> sample URL that I can use to play with a test version of your webapp?
> -chris

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message