Thank you for your answer. Sorry about the new thread for new topic
business - I hadn't understood the thread mechanism.
I presume for this topic I'd better continue as we are and I'll get it
right next time.
I was wondering exactly how the servlet container knows whether the user
has already
To: Tomcat Users List
Subject: Re: How does Tomcat manage Form-based authentication?
I'm using an old nuts and bolts programme that actually
programmatically sent the Authorization header string
for BASIC authorization, and I'd like to continue using
this programme, but I have to tell
Message-
From: Malcolm Warren [mailto:[EMAIL PROTECTED]
Sent: Friday, April 02, 2004 10:12 AM
To: Tomcat Users List
Subject: Re: How does Tomcat manage Form-based authentication?
I'm using an old nuts and bolts programme that actually
programmatically sent the Authorization header string
, 2004 10:12 AM
To: Tomcat Users List
Subject: Re: How does Tomcat manage Form-based authentication?
I'm using an old nuts and bolts programme that actually
programmatically sent the Authorization header string
for BASIC authorization, and I'd like to continue using
this programme, but I have
On Thu, Apr 01, 2004 at 04:38:49PM +0200, Malcolm Warren wrote:
: With BASIC authorization, which I used to use, the browser was sent an
: Authorization header.
:
: This doesn't happen with FORM-based authorization.
: I believe Tomcat deals with it all, but how? Anybody know?
Not sure I
It sends you the html form you specify in the form-login-config
section of web.xml
See chapter 12 (Security) Appendix A (Deployment Descriptor) of Servlet
Spec 2.3 for details.
http://java.sun.com/products/servlet/download.html#specs
Martin
-Original Message-
From: Malcolm Warren