I was looking yesterday about how Basic User authentication works on a servlet. It always intriguing to find out how things work under a hood and before I looked I didn't know how this worked. To the beginner it's not really obvious who is popping up the password box when you hit a password protected folder. It's hardly changed since early Netscape.
I'm still looking for how you can customize the page that gets shown when you input the wrong name or password.
Posted by stuartcw at May 22, 2003 01:43 PMCustomizing the page that gets shown when you input the wrong information is easy. Edit an .htaccess file in the webroot you have protected (you probably already have this file to do authentication)..
then add the following line:
ErrorDocument 401 /myerrorpage.html
code 401 is the unauthorized HTTP code. have fun.
Posted by: Andrew Lombardi at May 23, 2003 11:27 AM