Forum Discussion
Erich_Rockman_1
Cirrus
CirrusCheck Authorization / WWW-Authenticate headers
Hi. I am trying to make sure that the user what is trying to/has authenticated to a site w/ Basic Auth matches a user in a list. However, I cannot force the server to prompt if the user/pass is not a...
Erich_Rockman_1Cirrus
CirrusI have been trying to explain it, but maybe because I have been deep into this, I am not doing a great job of it. I'll try again.
It is a regular web server, 401, Authorization, WWW-Authenticate headers intact.
I am looking to check the user credentials (entered into the browser via 401 challenge) and check that value against a list. That works fine right now. However, I cannot get it to respect the server's response (WWW-Authenticate). I need to be able to continue to prompt the user for creds when they are not correct (as far as Basic Auth is concerned).
My problem is that the WWW-Authenticate comes back on the response side and I am checking the Authorization header on the request side.
Erich_Rockman_1Cirrus
CirrusThe server is sending a 401 response. However, how can I perform a check on a response code in a HTTP_REQUEST event. That would be the idea. If status eq 401, then don't perform by logic of checking the username against the list. However, I cannot see the 401 on the request side after entering user/pass into browser.