jsr340-experts@servlet-spec.java.net

[jsr340-experts] About SERVLET_SPEC-14

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Shing Wai Chan <shing.wai.chan_at_oracle.com>
Date: Fri, 08 Feb 2013 17:02:20 -0800

I am looking at discussion in http://java.net/jira/browse/SERVLET_SPEC-14
("Require FORM auth to issue 303 redirects")

Let me highlight some of the discussion.
* Always use 303 redirects
* Always pass GET requests through the FORM authenticator (independent
of whether the resource is protected for GET
* restore to the original verb

Note that 303 is not in HTTP/1.0.

Any comments?
Shing Wai Chan

This message: [ Message body ]
Next message: Rajiv Mordani: "[jsr340-experts] SERVLET_SPEC-19"
Previous message: Shing Wai Chan: "[jsr340-experts] About SERVLET_SPEC-34"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]