On 17/11/06, Piyush Purang <[EMAIL PROTECTED]> wrote:
Hi Dave,
I think if you use http basic authentication (as the tutorial example
uses) only way to prompt for authentication again is if the user
accesses a resource in another realm (where he hasn't already been
authenticated once) or to close and start the browser again.
I found
http://www.restlet.org/docs/api/org/restlet/data/CookieSetting.html#setMaxAge(int)
which is cookie based.
How the authentication relates to cookies I'm not sure.
I just thought it reasonable to be able to stop a user
after they have logged in (security reasons)
or to state that login is valid for n seconds (as with cookies?)
One option that i know of is to write your own authentication based on
a RestletFilter and a HTML form? I did it because somehow basic
authentication didn't work for me :)
Hey, I got this one to work, nice change for me :-)
I'm not keen on having the plain password in the code though;
I'd push that out for serious use.
Have you made yours configurable Piyush?
regards
--
Dave Pawson
XSLT XSL-FO FAQ.
http://www.dpawson.co.uk
