Authentication type in DD paragraph confusion
https://stackoverflow.com/questions/1349170
-
20-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Could anyone please tell me why the following paragraph is incorrect:
If your deployment descriptor correctly declares an authentication type of BASIC, the container automatically requests a user name and password whenever a user starts a new session.
Solution
Because container would only request (as in "send an authentication challenge to browser") user name / password when user attempts to access a protected resource (as defined in descriptor); not when user session is created.
Details are in JavaEE tutorial
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
