With AJAX, a resource can be brought up by refreshing part of an
existing page rather than as a whole new page. If the page is expecting,
for example, a JPEG image, and the request for the image is redirected
to a login page because it's restricted, then the page won't get back an
image, but instead will get back the HTML for the login page. The HTML
<img> tag can't do anything with this, and it will merely fail to
display the image.
There are ways to fix this with code that makes sure it's always the
top-level page that redirects to the login page, but it can be a pain.
On 10/24/12 3:22 PM, Kaile Zhu wrote:
> Interesting, you mention AJAX pages. Can you elaborate why it would be problem? - Kelly
> -----Original Message-----
> From: Code for Libraries [mailto:[log in to unmask]] On Behalf Of Gary McGath
> Sent: Wednesday, October 24, 2012 2:16 PM
> To: [log in to unmask]
> Subject: Re: [CODE4LIB] Q: "Discovery" products and authentication (esp Summon)
> On 10/24/12 2:40 PM, Jonathan Rochkind wrote:
>> Primo, by default, will suppress some content from end-users unless
>> they are authenticated, no? Maybe that's what "restricted search scopes"
>> are? I'm not talking about your locally indexed content, but about the
>> "PrimoCentral" index of scholarly articles.
>> At least I know the Primo API requires you to tell it if end-users are
>> authenticated or not, and suppresses some results if they are not. I
>> assume Primo 'default' interface must have the same restrictions?
> I've worked with library systems that redirect you to a login page when they detect an attempt to access a restricted resource. I don't recommend this approach; it may have worked OK 10 years ago, but it plays badly with AJAX pages, which have become very common.
Gary McGath, Professional Software Developer http://www.garymcgath.com