«

I do some requests in the background on a page using the XMLHttpRequest
object. My site uses NTLM Authentication. However if the user is not
logged in, it throws up an ugly dialog box. Is there any way to
suppress this? I am ok with the object throwing an error which I can
catch.

What I want to do is to make a request. Instead of it popping up a
dialog box, I want to be able to suppress this dialog and instead
forward him to a separate login page.

Thanks

wrote:

> I do some requests in the background on a page using the XMLHttpRequest
> object. My site uses NTLM Authentication. However if the user is not
> logged in, it throws up an ugly dialog box. Is there any way to
> suppress this? I am ok with the object throwing an error which I can
> catch.
>
> What I want to do is to make a request. Instead of it popping up a
> dialog box, I want to be able to suppress this dialog and instead
> forward him to a separate login page.

See

http://jibbering.com/2002/4/httprequest.html

Just request the header in stead of the full page:

xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4) {
alert(xmlhttp.getAllResponseHeaders())
}
}
xmlhttp.send(null)

Then check the returned HTTP numeric status code whether NTLM
Authentication is required or not:

HTTP/1.1 200 OK
[...headers...]

I believe that this status code would be 401.2 when the message should
be negotiated using NTLM authentication.

Then replace your current location to the login page depending on that
status code.

I'm not sure you can use getResponseHeader('headername'); because the
returned status code is actually not a part of the headers.

Hope this helps,

--
Bart

Bart Van der Donck wrote:

> wrote:
>
> > I do some requests in the background on a page using the XMLHttpRequest
> > object. My site uses NTLM Authentication. However if the user is not
> > logged in, it throws up an ugly dialog box. Is there any way to
> > suppress this? I am ok with the object throwing an error which I can
> > catch.
> >
> > What I want to do is to make a request. Instead of it popping up a
> > dialog box, I want to be able to suppress this dialog and instead
> > forward him to a separate login page.
>
> See
>
> http://jibbering.com/2002/4/httprequest.html
>
> Just request the header in stead of the full page:
>
> xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
> xmlhttp.onreadystatechange=function() {
> if (xmlhttp.readyState==4) {
> alert(xmlhttp.getAllResponseHeaders())
> }
> }
> xmlhttp.send(null)
>
> Then check the returned HTTP numeric status code whether NTLM
> Authentication is required or not:

On second thought, the header request would perhaps also require this
NTLM authentication (thus still showing the authentication box). I'm
not sure it is possible to use XMLHttpRequest so that it only returns
the HTTP status code and nothing else.

--
Bart