> -----Original Message----- > From: Max Kutny [mailto:[EMAIL PROTECTED] > Sent: 27 February 2004 11:57 > To: Cactus Developers List > Subject: Re: FormAuthentication (bug #17933) > > On Fri, Feb 27, 2004 at 11:05:30AM +0100, Vincent Massol wrote: > > > > Applied in CVS HEAD (I'm doing a nightly build now)! I've made some > > > > minor changes but mostly cosmetic (I've made the new getters private > > as > > > > I couldn't see why they would be useful for users). > > > > > > No, they are useful ;) At least my servlet container (Resin 2.1.8) > > > returns login page as 200 response. Moreover, I believe the spec > > > requires to do exactly the same. So we need to be accurate here in > > case > > > the containers interpete the spec differently. > > > > I've *not* made the setters private, only the getters. > > My bad. I've just mislooked that. But I'm also sceptic about the > response code defaults. E.g. I wonder if there are > containers that _redirect_ to the login page instead of return it in the > 200 response. If there are none it's better to make pre-auth default to > be HTTP_OK instead of HTTP_MOVED_TEMP so people are not required to > explicitely set desired response code for every authenticator instance.
Yes, I've seen your question to Kazuhito. I don't know the answer. Thanks -Vincent --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
