[Seaside] BUG: Basic authentication

Mart-Mari Breedt breedt_m at aircom.co.za
Mon Aug 29 10:25:02 CEST 2005

Hallo all,


We have the following problem. Consider you have two instances of the
same seaside application, each set up with basic authentication.
Example, you have two instances of the counter application (named
counter1 and counter2) with username=admin and password=seaside on both.


When you log on to seaside/counter1, you would be prompted for a
username and password. (Which is correct...) When you now log on to
seaside/counter2 (from the same browser session) you would NOT be
prompted for a username and password. The WARequest object contains the
previous username and password and since it is the same as the username
and password for this application, you are automatically validated. This
(We believe) is a bug, since you should have been prompted for a new
username and password for two reasons. One: Because you are starting a
new session and Two: Because you are accessing a totally different
application instance.


Does anyone have any ideas or previous experiences on fixing this?


Thank you,





-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/seaside/attachments/20050829/b38c2109/attachment.htm

More information about the Seaside mailing list