>>> "Boemio, Neil (CAP, FGI)" <[EMAIL PROTECTED]> 14-Mar-00
9:59:57 PM >>>
>Problem: when the ACTION on one of my forms is /servlet/DoSomething,
> inside that servlet, request.getHeader("Authorization") returns
null. This
>seems to be because the person was authenticated under /secure.
Ermm.... yes.
If you're servlet directory was a subdirectory of /secure then you'd
get the auth header but you can't expect the browser to guess at other
directories.
>So how do I secure a subtree but still get at the Authorization info
from my
>servlets?
You can either secure /servlet or you can used mapped servlets
instead and map them under /secure. I'm not sure if NES allows you to
do this but it should if it follows the spec.
Nic Ferrier
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
