Issue Details (XML | Word | Printable)

Key: SERVLET_SPEC-21
Type: Improvement Improvement
Status: Open Open
Priority: Major Major
Assignee: Shing Wai Chan
Reporter: markt_asf
Votes: 1
Watchers: 2
Operations

If you were logged in you would be able to see more operations.
servlet-spec

Clarify behaviour with pre-emptive authentication

Created: 07/Oct/11 01:36 AM   Updated: 12/Feb/13 09:10 AM
Component/s: None
Affects Version/s: None
Fix Version/s: None

Time Tracking:
Not Specified

Tags:
Participants: arjan tijms, markt_asf, monzillo and Shing Wai Chan


 Description  « Hide

The HTTP spec allows pre-emptive authentication - i.e. sending credentials before the server asks for them. It is unclear from the Servlet spec how getRemoteUser() and friends should behave in this regard when the resource being requested does not require authentication. Should the credentials be processed or ignored?



Sort Order: Ascending order - Click to sort in descending order
Rajiv Mordani made changes - 06/Dec/11 11:08 PM
Field Original Value New Value
Assignee Shing Wai Chan [ swchan2 ]