IE, FireFox, Opera, and Safari don't display BASIC auth prompt on successive 401 responses from server

二次信任 提交于 2020-01-16 04:55:05

问题


SCENARIO:

I have a java web app running in the latest Tomcat 6. I also have a single servlet filter that provides authentication. I support BASIC auth and it appears to work fine - most of the time.

The first time a browser [pick any one - IE, FireFox, Opera, Safari, Chrome] hits one of our protected URL(s), it displays the standard browser-specific login prompt. IFF you enter the proper username/password - everything is fine, a new session is created, and everything operates normally.

IF, however, you entered invalid credentials in the initial BASIC auth dialog, my authentication filter logic handles this by returning another 401 response.

PROBLEM: Unfortunately, at this point, Chrome is the only browser that will display another BASIC auth dialog. All other browsers listed automatically send the cached "Authorization: Basic.." header - instead of clearing it and prompting the user again.

If anyone has seen this or may know why this is happening, I would greatly appreciate any suggestions!

Thanks and Best Regards, Bob


回答1:


problem solved:

After looking over my code again, I found a point where a 401 was being returned without also setting the WWW-Authenticate HEADER.

-bob



来源:https://stackoverflow.com/questions/4538863/ie-firefox-opera-and-safari-dont-display-basic-auth-prompt-on-successive-401

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!