On Thursday 26 June 2008 13:52:05 Michael Ströder wrote:
Let's look at a very simply case: How should a web server which implements HTTP basic authc implement the user interaction needed? It simply relies on the browser popping up the login window, nothing else. What you could do is redirect the user to an error page implemented as CGI-BIN which makes further checks. You can do that yourself.
But, ideally I would like to send the user to the right page (not a generic "authorization failed"), in which case I need a different error code to send them to a suitable error page (which might have a form for them to change their password etc.).
Ciao, Michael.