lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Oct 6, 2010, at 7:11 PM, Fabio Mascarenhas wrote:

> I thought most applications would want to redirect the user to a login
> page in case of authentication failure instead of throwing a "403
> Forbidden" back at them

403? As in "don't even try, I'm not going to give it to you"

Or 401? As in "Ok, who are you again"?

If 403, then authentication should make no difference, no?

If 401, then this is the realm of HTTP Authentication and a custom login page would not help as the user agent will take care of capturing the user credential, right?