On 26/01/15 16:53, Stian Soiland-Reyes wrote:
# Questions to dev@jena
Q: I don't know why Fuseki (here with basic auth) always asks for the
admin password - perhaps some Fuseki / shiro.ini experts can help? Is
it because of the server status icon?
Not an expert but with some digging ...
What seems to be happening is that if you turn off localhost
authentication and turn on basic authentication, then the user/password
has to go in every request. There is no session state, cookies whatever
in basic authentication.
Usually the way to do that is to have the browser remember the details
and it will send them when asked.
I guess you have told your browser not to record user/password.
There is a two hop exchange with a via 401 - the web UI does not know
the user/password to add each GET/POST - maybe that is easy to configure
the environment to do that, I don't know, not my area of expertise.
Having the Fuseki code add user/password seems rather heavy and with
such a common setup I wodner if there is a way to tell jQuery or
whatever is doing the HTTP bit to learn the details (not that basic auth
is very safe unless it's an SSL connection).
Andy
https://issues.apache.org/jira/browse/SHIRO-20 for digest auth.
