posted 13 years ago
I have made up a constrained resource in my web-app. When I enter the URL to this resource for the first time, the login window appears and after succesful login the page is being rendered in the browser. Now I enter the same URL a second time and the login window doesn't pop up anymore, which is reasonable. (Authentication happens only once).
But:
How will the container know that the second request is from the same user as the first one? Using Session-tracking I first thought. But after disabling cookies in my firefox browser the behaviour doesn't change!
Anyone have an idea?