On Mon, Jan 25, 1999 at 11:49:17AM -0400, Brad Clements wrote:
On 25 Jan 99, at 9:51, Kevin Dangoor wrote:
server. The current implementations of HTTP do not allow for long-lived connections, so the browser sends the user name and password with each request. (The browser makes it so that the user only needs to enter it once, though.)
I don't think this is entirely true. http does allow the client and server to agree to keep the connection open. You can see this happening between iexploder and iis...
What you're seeing is Layer 3 persiistance, not Layer 4. What's happening is that under HTTP/1.1, the connection can support multiple HTTP transactions before you have to tear it down and rebuild it. This does not imply that there is a "session" at the application layer. By definition all HTTP operations are atomic, and do not imply any previous or subsequent operations. Chris -- | Christopher Petrilli | petrilli@amber.org