I see... but I think I wasn't clear. I gonna make some experiments
There is no such thing as a "login session" in HTTP, and if it was it would certainly not span multiple web sites..
The only reason why you do not see a login box in each and every request is because your web browser is smart and assumes that if login was required for one request to the web site (or proxy in case of proxy authentication) then it will also be required for the next request to the same web site (or proxy in case of proxy authentication) and assumes the same login+password should be used again there as well.
A typical chain of events for a web site requiring authentication:
< GET /
401 Unauthorized
< GET /, Authorize=login:password
200 OK
< GET /images/something.gif, Authorize=login:password
200 OK
And from this I think it is obvious that the browser has to ask again before sending the same login:password to another web site..
around here and give you a feedback.
regards.
--
[]'s Lucas Brasilino [EMAIL PROTECTED] http://www.recife.pe.gov.br Emprel - Empresa Municipal de Informatica (pt_BR) Municipal Computing Enterprise (en_US) Recife - Pernambuco - Brasil Fone: +55-81-34167078
