> From: Nicholas Sushkin [mailto:nsushkin@openfinance.com]
> Subject: Re: Should Form Authentication Valve restore request body on a PUT?
> The correct behaviour IMHO is to always GET the login form and return
> it as a response to the unauthenticated request of any kind. Then, once
> the form is POSTed and authentication is successful, the original request
> whatever it may have been, should be replayed. Right?
Yes, that sounds correct. It wasn't clear to me in what order things were being done.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|