-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matthew,
On 6/30/2010 8:20 PM, Matthew Mauriello wrote: > The behavior seems rather strange to me in fact, I've seen other websites > run on what looks to be BASIC Authentication without popping these browser > messages when leaving secured sections. Most websites use HTTP AUTH consistently, at least for a particular URL prefix. > See the http://user:passw...@website.com/SOLR is only used once and it > might actually be http://user:passw...@website.com/SOLR/ I have to look > into this. > > I feel like the authentication cookie is being created for the user and > then being forwarded to every page the user visits after that. > > I am hoping to find some way of preventing this behavior. Well, for starters, what web browser are you using? Can you give me a sample URL that I can use to play with a test version of your webapp? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwr76cACgkQ9CaO5/Lv0PACLQCgjmn6kpeN1L3uQPuxpUEbHT8C W/UAn1iaKySqcMfZNuttx7MjHYr6EqX4 =Yxdn -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org