Prashanth.S wrote:
Hello All,
I have got a simple question on BASIC authentication on webresources using
Tomcat.
I had set up this BASIC authentication on tomcat and tomcat[because of my misconfiguration????] seems to authenticate user every time they accesses resource though the client is sending back the jsessionID cookie for session tracking...
2 request-response formats are as follows..Ideally i dont expect it to throw me an unauthorized error for the 2nd request..Can anyone point out what am i doing wrong??
You're not sending the Authorization header in the second request.
Remember, HTTP is stateless. Sessions are a web-app thing and have
nothing to do with HTTP authentication. Sending a session cookie has no
effect on HTTP authentication.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
