>> The main problem is the following: If the user (of the browser) puts
>> in a wrong password the connection is refused. Now the user opens
>> (refresh) the page again and the browser sends the rejected digest
>> information again automatically so the login fails again.
>> Is there really no solution for this?
>>     
>
> Are you saying that the browser caches and reuses user credentials even
> though they did not login the user previously? And the browser does not
> pop up the login dialog when authentication failed? 
>   
I start my application with the built in THttpServer. I use the
streaming interface - there is no file loaded.
Now I open the browser and opens the local URL. The login dialog appears
and I put in a wrong password. The browser shows "403 Forbidden". I
return hg403 for the flag in OnGetDocument() after OnAuthResult() with
failed login was called.
Reloading in browser gets the same result again.

Heiko
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to