I could never use this technique. Why is my CGI.Authorization always an empty string? Anybody know? I use <CFIF NOT IsAuthenticated()>, though, to great effect.
-----Original Message----- From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] Sent: Friday, October 05, 2001 1:34 PM To: CF-Talk Subject: Re: How to find out the page to send 'em back to > If you want I can send a code example tonight. Code is below (does this list accept attachments?). This code still is based on session variables, but that should be easy to solve. If the user needs to log in an HTTP statuscode 401 is send. This results in a browser popup. When the user submits username&password these are send as the HTTP header "authorization" with the form ToBase64(username:password). I would recommend reading the first 2 chapters of RFC 2617 for background info (5 pages). Have fun. Jochem [snip] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
