[Stanislav Maximov]
[I'm sure it is possible to implement with PHP and Java servlets (running
with Apache) via modifying http headers. So what's a problem with Cold
Fusion?]
As I said, I'm not too familiar with how Apache handles authentication, I
just know how IIS does it. When IIS sees that your browser has passed
authentication information back to it, ***before it even calls the CF
server*** it tries to authenticate that information. To verify the
authentication, it checks the username and password against the local
machine, then the domain, then any authentication ISAPI DLLs that are
installed. If none of these return a successful authentication, ***the CF
server will never get called*** and IIS wil just return a 403. This means
that your script never even has a chance to verify the authentication
information.
-Rick
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
