var BasicAuthAjax = function() {

    // Use an asynchronous request to re-authenticate as another user using
    // HTTP's Basic Auth mechanism.
    //
    // options:
    //   method: "get", "post", etc. Default is "get"
    //   url: The URL the AJAX request is going to
    //   redirect: If set, redirect to this location on successful login.
    //   user: The new user's login
    //   password: The new user's password
    function change_user(options) {
        if (options.method == null) {
            options.method = "get";
        }

        req = Ajax.getTransport();

        // user name must not have spaces - Mac Safari 4.0.4 can't handle them
        req.open(options.method,
                 options.url,
                 true,
                 options.user,
                 options.password);

        // JWE: is the following still true?
        // // some browsers ignore the auth credentials above and pass the known good credentials.  Try to
        // // override them with this:
        // // req.setRequestHeader("Authorization","Basic dXNlcl9uYW1lOl9hbmRfcGFzc3dvcmQ=");

        req.onreadystatechange = function(ev) {
            if (req.readyState == 4) {
                if (options.redirect) {
                    window.location = options.redirect;
                }
            }
        }

        if (options.onfailure) {
            try {
                req.send("");
            } catch(exc) {
                options.onfailure(exc);
            }
        } else {
            req.send("");
        }
    }

    return {
        change_user:change_user
    };
}();


function submit_change_user() {
    BasicAuthAjax.change_user({
        url: window.location.pathname + 'aspera/user',
        user: 'asperaweb',
        password: 'demoaspera',
        redirect: window.location.pathname + 'aspera/user'
    });
}