By default, 4D Web password protection is managed through the On Web Authentication method. If On Web Authentication returns a result of False, a password challenge is sent to the browser. If the Web user enters the user name and password correctly, the requested page is sent or method is run. This strategy works well, as long as the user enters their password correctly. If the password dialog is cancelled, or if a password is entered incorrectly, a blank page appears in the browser. Why? The error page which Web sites send for bad logins is included with the original password challenge, not in response to a bad password. Unfortunately, On Web Authentication cannot include a Web page. To correct this behavior, use some simple code in On Web Connection instead.
To see the custom behavior for yourself, try a link to a protected page, a protected method called with 4DACTION, or protected method called with 4DCGI and cancel the browser's password challenge dialog.
Note: The user name is guest and the password is 4D. Enter these values to confirm the system does correctly protect resources. Remember that once a user name and password combination have been accepted, the browser continues to send them along with every new request. Therefore, once you enter the name and password listed above, all requests are accepted until the browser has quit.
If you want to try out the default 4D behavior, switch to the Web_Login_Default example database.