Mike Müller wrote > Hi Justin > > You're probably right. The topic came up in [1]. > As for the browsers I would dare to say there are > more problems than advantages with Basic Auth: > - Some browsers pass credentials even on parent paths > where credentials should not be sent. > - Logout is mostly a problem > If the client is not a browser it surely looks better. > I don't know how much apps built on sling really use > Basic Auth but I guess rather few. > That's why I would change the default behavour and > disable the Basic Auth. > I tend to agree here - I think it's more important to work ootb for browser than for some client tools :)
But Justin has touched an important topic: we need to update or docs! Carsten -- Carsten Ziegeler cziege...@apache.org