On 01/07/2010 02:30, Christopher Schultz wrote: > Matthew, > > On 6/30/2010 8:20 PM, Matthew Mauriello wrote: >> The behavior seems rather strange to me in fact, I've seen other websites >> run on what looks to be BASIC Authentication without popping these browser >> messages when leaving secured sections. > > Most websites use HTTP AUTH consistently, at least for a particular URL > prefix. > >> See the http://user:passw...@website.com/SOLR is only used once and it >> might actually be http://user:passw...@website.com/SOLR/ I have to look >> into this. > >> I feel like the authentication cookie is being created for the user and >> then being forwarded to every page the user visits after that.
BASIC auth doesn't create an authentication cookie does it? The browser sends an 'Authorization' header instead. p >> I am hoping to find some way of preventing this behavior. > > Well, for starters, what web browser are you using? Can you give me a > sample URL that I can use to play with a test version of your webapp? > > -chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
signature.asc
Description: OpenPGP digital signature