Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-21 11:32:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish gh-16280

Browse Source
This commit is contained in:
Steve Riesenberg 2025-03-20 15:43:53 -05:00
parent 21fb5f92cf
commit eb510ab59d
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/modules/ROOT/pages/servlet/authentication/passwords/basic.adoc
View File

@ -24,11 +24,9 @@ The `RequestCache` is typically a `NullRequestCache` that does not save the requ
[NOTE] [NOTE]
==== ====
The default HTTP Basic Auth Provider will suppress both Response body and `WWW-Authenticate` header in the 401 response when The default HTTP Basic Auth Provider will suppress both Response body and `WWW-Authenticate` header in the 401 response when the request was made with a `X-Requested-By: XMLHttpRequest` header.
the request was made with a `X-Requested-By: XMLHttpRequest` header. This allows frontends to implement their own This allows frontends to implement their own authentication code, instead of triggering the browser login dialog.
authentication code, instead of triggering the browser login dialog. To override, implement your own javadoc:org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint[].
To override, implement your own
javadoc:org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint[] .
==== ====
When a client receives the `WWW-Authenticate` header, it knows it should retry with a username and password. When a client receives the `WWW-Authenticate` header, it knows it should retry with a username and password.