[jboss-user] [JBoss Seam] - Re: Why avoid HTTP Authentication?
modoc
do-not-reply at jboss.com
Mon Jun 4 20:07:11 EDT 2007
The lack of logoff ability (short of closing the browser) is one issue. You also have to pass the auth headers with each request, instead of having auth linked to a session (is this true with jboss? I don't know for sure.)
And for customer/user facing applications, having a login form integrated within your design is usually preferable.
Those are my thoughts at any rate...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4051145#4051145
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4051145
More information about the jboss-user
mailing list