I am using XE3 to start with.

I created a new DataSnap REST Application and added authentication to it. Now when I run the program and browse to it, the browser will correctly show the login part from the .html file. So far so good. Now I enter the correct info and get logged in and transfered to "the hidden" part of the page, just as in the ReverseString sample function. When I supply the logging part with wrong information it will act correctly; in other words refuse to move on the actual content. But... when I enter absolutely noth
ing and press the login button straight away I will be redirected to the "login pop-up" within the browser itself (at least in Opera, Chrome, IE... not in Firefox). This happens because of the following lines in the DSHTTPCommon.pas file:
{code}
      if ARequestInfo.AuthUserName <> EmptyStr then
        AResponseInfo.ResponseNo := 403
      else
      begin
        AResponseInfo.SetHeaderAuthentication('Basic', 'REST');
        AResponseInfo.ResponseNo := 401
      end
{code}
I figured I could add a tracer to it and change the responsecode to 403 if it were 401, but none of the tracepoints I saw were available or being called.

Is there any way to change the response code? Or any other way to force the browser to remain on the page and not in the pop-up? Another fun side effect is that when you enter data in the pop-up it will not be assigned to the correct variables and the OnUserAuthenicate event will be called with UserName = '' and Password = ''. In other words, the pop-up isn't even helpful and cannot be used to login a user.