Hi Henning,
your E-Mail was not accepted to the list but I got a message about that, so
that I can answer your request. Looks like you are not subscribed.
I checked the authorization with tntnet and it is indeed a bug in tntnet
1.6.3. This is fixed in more recent versions. The problem is, that in the realm
there is a missing ". So in tntnet 1.6.3 it looks like this:
WWW-Authenticate: Basic realm=auth test"
while it should be:
WWW-Authenticate: Basic realm="auth test"
The workaround for this is to pass the missing " to the realm string:
return reply.notAuthorized("\"auth test");
I'm currently preparing for a new version. Yesterday I uploaded already a
version 1.6.99.1 which is almost what will be 1.7.0. I will take care, that it
will be packaged soon in debian and ubuntu in the hope, that it will be part
of the next ubuntu release.
Tommi
Am Mittwoch, 23. Dezember 2009 01:07:48 schrieb Henning Pingel:
> Dear Tommy, dear tntnet supporters and fans,
>
> I'm still quite new to tntnet and I'm impressed by this nice piece of
> software.
>
> I think I have found a bug, but I don't know if the bug is on the side
> of Safari web browser or tntnet. Anyway, I would like to report it to
> you and discuss it.
>
> I use tntnet 1.6.3 on Ubuntu Jaunty/Karmic (standard packages). I try to
> create a web frontend which should run on all common web browsers. Basic
> authentication works fine with all browsers except for Safari.
>
> In the case of Safari, a team colleague has the problem, that on
> accessing the web frontend for the first time, he has no chance to enter
> username and password. Instead, on first page access, he get's "access
> denied" and that's it.
>
> For authentication I use reply.notAuthorized() like in the example code
> of tntnet documentation.
>
> But this doesn't work with Safari for some reason. So I compared the
> HTTP response headers of Tntnet with other websites that use Basic
> authentication to see where the differences are.
>
> My current alpha-status workaround to make authentication with Safari
> work is to avoid reply.notAuthorized and looks like this:
>
> //possible workaround for safari
> reply.resetContent(); //clearing everything that happened before
> reply.setVersion( 1, 0 ); //setting HTTP version: HTTP/1.0
> reply.setHeader ("WWW-Authenticate", "Basic realm=\"web front end\"",
> false);
> reply.out() << "<h1>401 Not authorized (test)</h1>";
> reply.setDirectMode(HTTP_UNAUTHORIZED, "Unauthorized");
>
> My full ecpp page can be found here and is easier to read there:
>
> http://svn.origo.ethz.ch/wsvn/yavdr/trunk/utils/yavdrweb-ng/authenticate_sa
> faritest.ecpp?rev=262
>
> I'm not an Tntnet expert, so please forgive me if I might have
> overlooked some basics about Tntnet that would solve my issue.
>
> Thanks and happy christmas!
>
> Cheers,
> Henning
>
------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________
Tntnet-general mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tntnet-general
