Nope. This is browser, not orion behavior. It complies to the HTTP specs.
> -----Original Message-----
> From: Curt Smith [mailto:[EMAIL PROTECTED]]
> Sent: S�bado, 01 de Septiembre de 2001 10:43
> To: Orion-Interest
> Subject: RE: Additional invocations to the UserManager
>
>
> I saw this too and went to FORM authentication and don't see this
> anymore.
>
> I still use UserManager to receive the user/passwd from the FORM
> via the Container, but I don't see the UserManager calls on every
> request.
>
> Based on this, I feel it's a bug in orion that BASIC behaves this
> way.
>
> curt
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Trujillo, Kris
> Sent: Friday, August 31, 2001 6:11 PM
> To: Orion-Interest
> Subject: Additional invocations to the UserManager
>
>
>
> I have written a custom UserManager and have setup
> security-constraints
> against several JSPs in my application...everything works
> great..almost.
> I'm noticing that after the user has successfully been
> authenticated that my
> UserManager is being recalled for every page request made by
> the user. The
> difference being that the user is not reprompted to enter a
> username and
> password. The problem with this is that it causes a lot of additional
> overhead because the user is reauthenticated and has the
> group checking
> revalidated for every request. Is it possible to setup Orion
> so it won't
> behave this way? It seems like once the user has been
> authenticated once
> that they should not be reauthenticated until their session
> has expired.
>
> Thanks
>
>
