-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------
>However when my servlet returns the SC_UNAUTHORIZED
>response the browser's dialog box hint is ...
>
> "Enter username for unknown at myserver.com"
>
>Is there any way to specify the AuthName when returning such a
>response?
Return a header like this before you send the error back.
resp.setHeader("WWW-Authenticate", "Basic realm=\"AuthName\"");
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED,
"<HTML><HEAD>" +
"<TITLE>401 Access Not Authorised</TITLE>" +
"</HEAD><BODY>" +
"Access to this page is not authorised." +
"</BODY></HTML>");
>Is there a recommended way to terminate a user's session from a
>browser? ... that reprompts with the same AuthName as before?
>From my testing the browsers remember these details until the browser
exits. I have not found a way to force this setting to be forgotten by the
browser or to force the user to re-enter their password. I suspect that any
method would be browser dependant. A better option may be to present your
own login screen.
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
