> Regarding steps 2-1-1. and 2-1-2.
>> If the DB operation needs authentication, it will return 'access denied'
> Actually, you should get an exception for incorrect user name or password.
> I'm currently making the corrections to allow an empty username.
Ok, it's even better.
BTW, what if user logged-in as a Student, but tries to access Author's
procedure? He won't be redirected to login, but what should he see on UI?
"Access denied" http standard page?
> Alexey Parshin,
Authoright © Total Knowledge: 2001-2008