glassfishrobot
glassfishrobot
@glassfishrobot Commented This issue was imported from java.net JIRA GLASSFISH_CORBA-17
* **Issue Imported From:** https://github.com/javaee/servlet-spec/issues/113 * **Original Issue Raised By:**@glassfishrobot * **Original Issue Assigned To:** @glassfishrobot
@glassfishrobot Commented Reported by janbartel
@glassfishrobot Commented This issue was imported from java.net JIRA SERVLET_SPEC-113
* **Issue Imported From:** https://github.com/javaee/servlet-spec/issues/21 * **Original Issue Raised By:**@glassfishrobot * **Original Issue Assigned To:** @shingwaichan
@glassfishrobot Commented Reported by markt_asf
@glassfishrobot Commented markt_asf said: Note: pre-emptive authentication can never work with DIGEST auth
@glassfishrobot Commented monzillo said: imv, we should apply an established authentication session when we access an unprotected resource within the session; that is, assuming the authentication session conforms to the...
@glassfishrobot Commented arjan_t said: > In the servlet profile of jsr 196, the configured authentication system is called on every request, leaving it up to it, to decide whether or...
@glassfishrobot Commented arjan_t said: Doing some more digging in the JBoss code, I found an optional "valve" (it's not documented), via which JBoss EAP/AS do process unprotected resources as well....