On Mon, Nov 01, 1999 at 05:03:58PM -0500, Robin Berjon wrote:
> I've never tried this but doesn't sending two 401s in a row for the same
> document have the auth popup appear again ?
I feel like this topic gets slightly confusing. Browser sends request,
gets 401 back, asks user for username and password if it doesn't have
one cached already. If it has one cached for this particular realm
then it attempts to send the cached values. If in response it gets 401
again then it asks user for new username and password for this realm.
As far as I know it always takes 2 requests to get protected
document. First one returns with 401 code and realm for authentication,
second request is done with appropriate user name and password.
So if for some reason you decide that some user name and password is
not valid any more then you should make sure that if they are sent any
number of times later then your authentication handler says no
always.
Andrei
--
