Anselm Baird_smith: Authentication spaces

Andy Norman (ange@hplb.hpl.hp.com)
Mon, 23 Oct 1995 13:07:22 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Harald.T.Alvestrand@uninett.no: "Re: Keep-Alive Notes"
Previous message: Anselm Baird_smith: "Authentication spaces"

[ This was probably meant for the list -- ange ]

------- Forwarded Message

Date:    Mon, 23 Oct 1995 14:01:57 +0100
From:    Anselm Baird_smith <abaird@houdon.inria.fr>
To:      http-wg-request@cuckoo.hpl.hp.com
Subject: Authentication spaces

Hi,

In implementing authentication in my server, I started by allowing
server maintainers to specify authentication attributes on a document
basis. This means, for example that

http://foo:8888/x/basic  can be protected through Basic auth.
http://foo:8888/x/digest can be protected through Digest auth.

The funny thing is that most browsers consider that http://foo:8888/x/*
defines an authentication space that should use the same scheme, even
if they have different authentication realms (correct me if I am wrong).

If my reading of the spec (HTTP/1.1 draft of August, 27th, but as I
remember it is the same for HTTP/1.0), I though that my approach was
'legal', is this correct ? (Well, anyway I'll have to come back to a
more reasonable approach if I want to interact properly with
browsers).

Anselm.

------- End of Forwarded Message

Next message: Harald.T.Alvestrand@uninett.no: "Re: Keep-Alive Notes"
Previous message: Anselm Baird_smith: "Authentication spaces"