>Working on a MVC (actually Web Api) app which uses custom digest authentication.
>If I allow the Browser to use it's own login form then it subsequently tracks its own authorization header for future pages and all is fine.
>However we want to implement a custom login form (either on the client or the server) and create our own response header.
>Problem then is how to get the browser to subsequently take over and maintain this header.
>Any suggestions ?
I've been using Cookies for years to do that.
I would like however to avoid using that approach and use something more transparent.