I have a servlet that I want to poke values into the HTTP Header for basic authentication, and redirect the request to a JSP or HTML Page. Can someone help For example a user requests.
securedir directory is secured by Basic Authentication, so the user can not get to page.html without a user name and password. I want my serlvet to take this request, and poke the Base64 encode Username and password into the HTTPHeader, so that it will be a passthrough/single signon feature. Has anyone every tried this, and do you have any suggestions. Thanks Chris
(I believe) Basic Authentication also accepts the form username:password@www.domain.com Your Servlet could accept the request then redirect to the above URL Another possibility is to write a Cookie from your domain to the other domain, but this is blocked by many security features like Firewalls. Then again, setting a Cookie is not the same as performing Basic Authentication. My guess is that beyond the first solution, you'll find this is a security feature that is not supported in HTTP due to the possible problems it could cause. Dave [ February 08, 2003: Message edited by: David O'Meara ]
Chris Gastin
Ranch Hand
Joined: Aug 13, 2002
Posts: 51
posted
0
Yea I know that you can use username:password@www.domain.com I don't the username and password to be revealed by the URL. [ February 09, 2003: Message edited by: Chris Gastin ]
0
