Yes, Safari and Chrome only cache credentials that were passed to a
request and lead to a sucessfull response if they were entered
manually through the login box. Putting credentials into an XHR
request, or via an image, css, iframe or script via the
http://user:passw...@domain.com; trick, which
...@gmail.com
Date: August 14, 2009 11:15:33 AM MST
To: dev@sling.apache.org
Subject: Re: WebKit HTTP Authentication
Reply-To: dev@sling.apache.org
As Felix noted, the cookie fallback mechanism is the only stable way
to handle all browsers.
Unless, of course, you use the ugly modal dialog box
forwarded message:
From: Magnus Johansson kkc...@gmail.com
Date: August 14, 2009 11:15:33 AM MST
To: dev@sling.apache.org
Subject: Re: WebKit HTTP Authentication
Reply-To: dev@sling.apache.org
As Felix noted, the cookie fallback mechanism is the only stable way
to handle all browsers
On Thu, Sep 17, 2009 at 4:00 PM, Eric Norman eric.d.nor...@gmail.com wrote:
For my own project, I ended up writing my own FormAuthenticationHandler
which caches the submitted credentials (crypted) on the server-side as a
session attribute. The cached credentials are used when no basic auth
Well, my project doesn't currently have enough load to require more than one
server node, so I haven't thought much about that yet. If your cluster can
be configured to use sticky sessions, it would probably work fine without
any further changes. Otherwise your app server would need to be
Hi Eric,
I've been putting off implementing alternative authentication,
suffering along
with the default browser auth for now. I'd be interested in using your
solution
if you're willing to share it.
Thanks,
Andreas
On Sep 17, 2009, at 11:29 AM, Eric Norman wrote:
Well, my project
Eric,
It sounds like your solution is the start of the approach I was
considering. If your willing to share, at minimum, Andreas and myself
would love to look at your solution.
-- Mike
On Sep 17, 2009, at 8:44 AM, Andreas Kollegger wrote:
Hi Eric,
I've been putting off implementing
Moulton
Begin forwarded message:
From: Magnus Johansson kkc...@gmail.com
Date: August 14, 2009 11:15:33 AM MST
To: dev@sling.apache.org
Subject: Re: WebKit HTTP Authentication
Reply-To: dev@sling.apache.org
As Felix noted, the cookie fallback mechanism is the only stable way
to handle all
Hi Andreas,
Andreas Kollegger schrieb:
Apache Sling HTTP Header Authentication doesn't seem to work with
Safari (and I presume other WebKit browsers). Could anyone share some
insight into what is wrong, or point me to the relevant JIRA issue? I'm
not familiar with the details of
I just tried
http://localhost:8080/?sling:authRequestLogin=1
and got a HttpBasic Auth prompt from Safari 4.0.x and then logged in
successfully with 'admin' 'admin'
IIRC, you have to add the sling:authRequestLogin=1 to trigger the
basic auth 401 response from Sling.
Ian
On 9 Aug 2009,
Hi
I've had problems with Safari 4 as well, bu this is only when I'm using the
login form under /system/login
(if I remember correctly). It seems the XMLHttpRequest way of forcing basic
authentication for
some reason don't work with Safari
However, using ?sling:authRequestLogin=1 on some other
Perhaps I am being really dumb this morning, and I can see the html
login template in the code, but I cant see how to get it invoked.
http://localhost:8080/system/login.html gives a 404 and
grep -rl '/system/login' * on the code base gives no matches.
what's the url, I would like to verify
Hi
Sorry, my memory was not correct... on my system it is
http://localhost:8080/system/sling/login
I'm not running the absolute latest, but I should have code from beginning
of July.
Regards
Magnus Johansson
On Sun, Aug 9, 2009 at 11:37 AM, Ian Boston i...@tfd.co.uk wrote:
Perhaps I am being
Ah, I see that it is just the login form. Hadn't thought to try
http://localhost:8080/?sling:authRequestLogin=1
That's fine for now. I guess I'll redirect based on browser.
On Aug 9, 2009, at 8:17 AM, Magnus Johansson wrote:
Hi
Sorry, my memory was not correct... on my system it is
Hi,
Apache Sling HTTP Header Authentication doesn't seem to work with
Safari (and I presume other WebKit browsers). Could anyone share some
insight into what is wrong, or point me to the relevant JIRA issue?
I'm not familiar with the details of http-authentication, so tracing
through the
15 matches
Mail list logo
