Christopher, I may have found a problem in the SOLR header.jsp file that I am using in navigation. The header.jsp file might be trying to send headers, unfortunately I am not in the same location as the server so I will have to check this out tomorrow.
I'll keep you posted, ~Matt > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Matthew, > > On 6/30/2010 8:20 PM, Matthew Mauriello wrote: >> The behavior seems rather strange to me in fact, I've seen other >> websites >> run on what looks to be BASIC Authentication without popping these >> browser >> messages when leaving secured sections. > > Most websites use HTTP AUTH consistently, at least for a particular URL > prefix. > >> See the http://user:passw...@website.com/SOLR is only used once and it >> might actually be http://user:passw...@website.com/SOLR/ I have to look >> into this. >> >> I feel like the authentication cookie is being created for the user and >> then being forwarded to every page the user visits after that. >> >> I am hoping to find some way of preventing this behavior. > > Well, for starters, what web browser are you using? Can you give me a > sample URL that I can use to play with a test version of your webapp? > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkwr76cACgkQ9CaO5/Lv0PACLQCgjmn6kpeN1L3uQPuxpUEbHT8C > W/UAn1iaKySqcMfZNuttx7MjHYr6EqX4 > =Yxdn > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
