Could you do a similar thing to support both Basic Auth and Form-Based Auth?I need to be able to accept Basic Auth from programmatic/machine clients (python, curl, etc.) but show Form Auth to human users.It's not immediately obvious to me how you'd do this, since Basic Auth normally prompts with a 401 response. However, I could require that machine clients proactively send the basic auth info (not waiting for a 401), so the server just attempts to process basic auth, and failing that, does form auth.
Would that be the recommended approach, or can Acegi Security do something more advanced? (e.g. based on user-agent header or something like that).On 2/9/06,
Ben Alex [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote: How can one set up acegi to accept either one of basic or digest authentication?Just add them both to the filter chain, and specify your preferred
default (for unauthenticated requests which attempt to access a secureresource) as the ExceptionTranslationFilter.authenticationEntryPoint.Best regardsBen---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log filesfor problems?Stop!Download the new AJAX search engine that makessearching your log files as easy as surfing theweb.DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642___
Home: http://acegisecurity.orgAcegisecurity-developer mailing listAcegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer