Manfred Baedke wrote: > Hi Michael, > > what's really bad about programmatic clients and form based > authentication is the fact that the form comes with status code 200, > telling the client that everything is fine, and there is really no > realiable way for the client to tell wether the response body is the > intended content or a login form. Form based authentication, as it is > widely used nowadays, is broken by design. Don't use it. ok, but what is the alternative? BASIC and DIGEST also have issues ;-) Thanks Michi > > Regards, > Manfred > > > -- Michael Wechner Wyona - Open Source Content Management - Apache Lenya http://www.wyona.com http://lenya.apache.org michael.wechner@wyona.com michi@apache.org +41 44 272 91 61Received on Monday, 3 July 2006 14:48:59 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 October 2007 17:53:26 GMT