Christopher Schultz wrote:
> Also, you could set the error page that is used when a user doesn't have
> the proper credentials to something that gives you the opportunity to
> re-login in order to access the forbidden resource. When you want to log
> someone out of BASIC authentication, you have to send a blank
> "WWW-Authenticate" header to the client, just the same way that Tomcat
> would do if you weren't already authenticated.
Is there a way to tell Tomcat to send a blank "WWW-Authenticate" header to the client when authorization fails? I would like to not use FORM authentication.
thanks for any help
---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)
