On Mon, 2010-08-09 at 19:49 +0200, [email protected] wrote: > Hi, > > thanks for the reply. So, since the client does not know if he should > authenticate itself to the server and because the server is under my > control, I transmit a custom header which shows the client that auth is > required. Same goes for an invalid username/password if the auth fails. > Is there another (possibly better) way to accomplish that? Is there some > kind of best practice? >
None I am aware of. > Regarding the automated redirection: I read it should be enabled by > default in HTTPComponents and I didn't configure it at all, but > nonetheless I get a 302 returned, not the page it should redirect me to. > Maybe it's because I reuse the httpost instance of the first request and > just alter the URI to the login location which is provided by the action > of the login form? > There are several cases when automatic redirections is prohibited by the HTTP specification. You can provide a custom RedirectHandler (4.0) or RedirectStrategy (4.1) implementation in order to override those restrictions. Per default HttpClient automatically redirects 302 responses only for GET and HEAD methods. Hope this helps Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
