I know that this has been beaten to death, but ...... Currently BasicAuthenticator calls response.setStatus(401) if the user isn't authenticated. However the spec states: <spec-quote version="2.4" section="9.9.2"> The default servlet and container will use the sendError method to send 4xx and 5xx status responses, so that the error mechanism may be invoked. </spec-quote>
Before I just go ahead and change BasicAuthentictor to call sendError, I wanted to poll if anybody sees problems with this. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
