grega.bizjak@anonymised.com ha scritto:
Hi. I have tested your version of geoserver.
(http://docs.codehaus.org/display/GEOSDEV/Geoserver+security+prototype)
Esri Arcims servlet connector has similar philosophy for security. Simple is teh best. Now i have one question. If i post wfs request from demo request form.I get this message if I dont type user and psw. Thats ok
<?xml version="1.0" encoding="UTF-8" ?> <servlet-exception>HTTP response: 401 Bad credentials</servlet-exception>
But if I type request
directly in browzer security fails and I get back Gml file for requested layer.It seems that HTTP POST works fine, HTTP GET not. Is there any way to prevent this.
Are you sure it's failing? If you already authenticated from the web admin tool, that authentication will be used for the service call too.
As they say, it's a feature, not a bug 
Btw, can you post these mails to geoserver-users ml so that other developers and users are kept in the loop?
Cheers
Andrea