17 Mar
2004
17 Mar
'04
1:46 p.m.
Chris Withers schrieb:
...and you still haven't said if you're using Basic Auth or Cookie Auth.
Sorry. I am using Basic Auth.
If you're using Basic Auth, then what you're seeing is a result of the fact that browsers only send cached basic authentication credentials if prompted to do so by receiving a 401 from the webserver.
What would you like to have happen?
I would like that "AUTHENTICATED_USER.has_role('Authenticated',this())" is true for all pages in an folder after I have loged in at one page of the folder requiering authentication. Similar to the /manage pages: If I am authenticated for "object1/manage" I can view "object2/manage" without being promted for a password again. Regards Christoph