> From: Maurizio Lotauro > [mailto:[EMAIL PROTECTED] > Subject: Authentication behaviour > > The server answers with 401 before it has received the > whole content send from client. In fact it seems that > the answer become right after the server has received > the http header.
Looks proper to me for basic authentication. As soon as the reference to the protected resource is recognized, the 401 is sent; it's up to the client to resend all the input with the user credentials on the next request. Read the HTTP Authentication RFC: http://tools.ietf.org/html/rfc2617 For synopses, try these: http://en.wikipedia.org/wiki/Basic_access_authentication http://en.wikipedia.org/wiki/Digest_access_authentication If you're using form-based authentication, then the server captures any POST data submitted with the request, and uses that following successful authentication. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
