Change status code sent back by Restlet for authenication

Question

I am using Restlet with Digest Authentication. Works well. Except I want to make it a bit more ajax/Javascript friendly by avoiding the browser's authentication dialog pop up when a 401 is first sent back.

This is what I think will work:

1. User/pass obtained using a textfields and stored in javascript object.
2. Ajax call to secure resource.
3. Reselt sends back non-401 code (say 406) with Digest Auth info.
4. Javascript catches code, packages request/user/password into hash, sends to restlet.

a) Will the above work?

b) How do I send a different status code using Digest in Restlet?

Answer 1

Yes, you have to return non-401 response, since you cannot change the browser behaviour in that the browser will always display the popup.

see also How to prevent browser to invoke basic auth popup and handle 401 error using Jquery?

you change the response by modifying/overriding the DigestAuthenticator and setting a different response, or use a filter that will detect a 401 and switch it to another status.