[jboss-user] [JBoss Seam] - Re: Why avoid HTTP Authentication?

Monday, 4 June 2007

The lack of logoff ability (short of closing the browser) is one issue.  You also have to
pass the auth headers with each request, instead of having auth linked to a session (is
this true with jboss?  I don't know for sure.)  

And for customer/user facing applications, having a login form integrated within your
design is usually preferable.

Those are my thoughts at any rate...

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4051145#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [JBoss Seam] - Re: Why avoid HTTP Authentication?