>> The main problem is the following: If the user (of the browser) puts
>> in a wrong password the connection is refused. Now the user opens
>> (refresh) the page again and the browser sends the rejected digest
>> information again automatically so the login fails again.
>> Is there really no solution for this?
> Are you saying that the browser caches and reuses user credentials even
> though they did not login the user previously? And the browser does not
> pop up the login dialog when authentication failed? 
I start my application with the built in THttpServer. I use the
streaming interface - there is no file loaded.
Now I open the browser and opens the local URL. The login dialog appears
and I put in a wrong password. The browser shows "403 Forbidden". I
return hg403 for the flag in OnGetDocument() after OnAuthResult() with
failed login was called.
Reloading in browser gets the same result again.

To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to