Dear Members, There are a number of websites (intranet as well as internet) that force a user to login, by throwing a login window that pops up asking for username and password. This can be obvserved in weblogic6.1 as you type the url http://localhost:70001/console. This can also be observed on many other Internet sites like the http://otn.oracle.com etc. I wonder how they can call such a pop up window and, further more validate the subsequent username and password. Is this a http driven event at all??? If anyone has ever managed to create such a login screen, can you please let me know???
My softwares dont have bugs, they just develop random features
Hi if I has understood you right you are talking about BASIC http authorization. You can find more about it in HTTP/1.1 protocol and Servlet2.3 specification. Regards, Maria 12.5.1 HTTP Basic Authentication HTTP Basic Authentication is the authentication mechanism defined in the HTTP/1.1 specification. This mechanism is based on a username and password. A web server requests a web client to authenticate the user. As part of the request, the web server passes the string called the realm of the request in which the user is to be authenticated. It is important to note that the realm string of the Basic Authentication mechanism does not have to reflect any particular security policy domain (which confusingly, can also be referred to as a realm). The web client obtains the username and the password from the user and transmits them to the web server. The web server then authenticates the user in the specified realm. Basic Authentication is not a secure authentication protocol as the user password is transmitted with a simple base64 encoding and the target server is not authenticated. However, additional protection, such as applying a secure transport mechanism (HTTPS) or using security at the network level (such as the IPSEC protocol or VPN strategies) can alleviate some of these concerns.
"NEEL" your name doesn't agree with the javaranch guidelines. Please take a moment and re-register after reviewing the guidelines at http://www.javaranch.com/name.jsp Thanks for your cooperation. - satya
I found some code from a book called Core Servlets which allowed me to this. This mechanism has really got me hooked onto the http headers subject and ofource I would also have to look at the Servlet2.2 specs. Thanx Maria.