Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Where my principal is stored using basic authenticationan?  RSS feed

 
raminaa niilian
Ranch Hand
Posts: 551
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi
Thank you for reading my post.
If I use HTTP basic authentication and my user get authenticated I will not need to go through athentication process next time I need to visit that page (asuuming I have not closed the explorer page), I am wondering where application server store my principal so the next time it only check the presense of that principal instead of asking me to authenticate again.
is it stored in HttpSession or it is somewhere else?


Thanks.
 
Andriy Pererva
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The specification doesn't say anything about it. It seems to be somewhat container-specific. You should not bother about it ;)
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The principal isn't necessarily saved on the server. Note that -when using Basic Authentication- the browser keeps sending the username/password for each request to the server, so the servlet container can grab it from the request whenever it needs to.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!