Time to go from lurker to contributer:
Ummm.... that's not conformant to RFC spec and it's being discontinued in IE (90+% of your clients right there). I wouldn't recommend putting username/password info in the URL anyway.
-David
Jacob Kjome wrote:
Well, if it were BASIC Auth, then you'd just do this (over SSL, of course, to hide the clear text username/password)...
https://myusername:[EMAIL PROTECTED]
If the username and password are valid, there will be no prompt for username or password. You'll get right to the resource.
Jake
Quoting [EMAIL PROTECTED]:
The application we are building allows file downloads from our UI. However, we also want users to be able to download these files using WGET from a command-line (perhaps as part of a script), like this:
WGET 192.168.1.1/do/download?id=1
However, these file downloads are subject to authentication and should be restricted to certain user roles.
We have already implemented a JDBCRealm and everything works very well within the UI. The problem is that we can't figure out how to get Tomcat to invoke authentication without a prompt. At first, we thought that adding "j_username" and "j_password" as part of the URL might do the trick. No such luck. We looked through the documentation and couldn't find any suggestions (unless we missed something along the way).
What we want to be able to do is have the user provide the username and password as part of the URL, like this:
WGET 192.168.1.1/do/download?id=1&username=bob&password=secret
I know that we could always extend Tomcat with our own code, but I'd really like to avoid having to do that. I haven't been allowing any platform-specific code into the product and I don't want to start now. The use of a JDBCRealm was a compromise that was supposed to reduce the coding effort. Please tell me that there is a way around this issue that doesn't require coding Tomcat extensions.
Thanks for any help you guys might be able to give me.
Jonathan.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
