On Thu, March 16, 2006 12:48 pm, Jay Burgess said: > I pursued a very similar exercise last week. I have a webapp using BASIC > authentication and wanted to add in an RSS interface that used DIGEST > authentication. Unfortunately, I never could figure out how to do this in > a > single webapp. I figured I'd chime in, though, as I think it'd be a nice > feature if it's not already possible.
Thanks Jay, I appreciate knowing at least that I'm not alone :) Do you know, or does anyone else know, where the server looks for the credentials when the challenge box has been submitted? In other words, does the entered username and password get passed as a specific header or a request parameter? Obviously 5 minutes of Googling would find me the answer, but since we're already here... :) I'm thinking that it shouldn't be at all difficult to write a BasicAuthFilter (assuming one doesn't already exist) for doing this, which would allow both of us to do what we want. Should be a simple matter of (a) sending back a 401 if no credentials are supplied, or (b) calling on the security provider to authenticate if they are. I would add such a filter to Java Web Parts, and with the expanded mapping capabilities we provide with those filters, it should do the trick nicely. > Jay -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com AIM: fzammetti Yahoo: fzammetti MSN: [EMAIL PROTECTED] Java Web Parts - http://javawebparts.sourceforge.net Supplying the wheel, so you don't have to reinvent it! --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
