Changeset 135 for draft-ietf-httpbis/latest/p7-auth.html
- Timestamp:
- 01/01/08 17:15:17 (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p7-auth.html
r129 r135 555 555 containing the authentication information of the user agent for the realm of the resource being requested. 556 556 </p> 557 <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.g.1"></span> 557 <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.g.1"></span> Authorization = "Authorization" ":" credentials 558 558 </pre><p id="rfc.section.3.1.p.3">HTTP access authentication is described in "HTTP Authentication: Basic and Digest Access Authentication" <a href="#RFC2617" id="rfc.xref.RFC2617.4"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>. If a request is authenticated and a realm specified, the same credentials <em class="bcp14">SHOULD</em> be valid for all other requests within this realm (assuming that the authentication scheme itself does not require otherwise, 559 559 such as credentials that vary according to a challenge value or using synchronized clocks). … … 578 578 the authentication scheme and parameters applicable to the proxy for this Request-URI. 579 579 </p> 580 <div id="rfc.figure.u.2"></div><pre class="inline"><span id="rfc.iref.g.2"></span> 580 <div id="rfc.figure.u.2"></div><pre class="inline"><span id="rfc.iref.g.2"></span> Proxy-Authenticate = "Proxy-Authenticate" ":" 1#challenge 581 581 </pre><p id="rfc.section.3.2.p.3">The HTTP access authentication process is described in "HTTP Authentication: Basic and Digest Access Authentication" <a href="#RFC2617" id="rfc.xref.RFC2617.5"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>. Unlike WWW-Authenticate, the Proxy-Authenticate header field applies only to the current connection and <em class="bcp14">SHOULD NOT</em> be passed on to downstream clients. However, an intermediate proxy might need to obtain its own credentials by requesting 582 582 them from the downstream client, which in some circumstances will appear as if the proxy is forwarding the Proxy-Authenticate … … 590 590 user agent for the proxy and/or realm of the resource being requested. 591 591 </p> 592 <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.g.3"></span> 592 <div id="rfc.figure.u.3"></div><pre class="inline"><span id="rfc.iref.g.3"></span> Proxy-Authorization = "Proxy-Authorization" ":" credentials 593 593 </pre><p id="rfc.section.3.3.p.3">The HTTP access authentication process is described in "HTTP Authentication: Basic and Digest Access Authentication" <a href="#RFC2617" id="rfc.xref.RFC2617.6"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>. Unlike Authorization, the Proxy-Authorization header field applies only to the next outbound proxy that demanded authentication 594 594 using the Proxy-Authenticate field. When multiple proxies are used in a chain, the Proxy-Authorization header field is consumed … … 602 602 authentication scheme(s) and parameters applicable to the Request-URI. 603 603 </p> 604 <div id="rfc.figure.u.4"></div><pre class="inline"><span id="rfc.iref.g.4"></span> 604 <div id="rfc.figure.u.4"></div><pre class="inline"><span id="rfc.iref.g.4"></span> WWW-Authenticate = "WWW-Authenticate" ":" 1#challenge 605 605 </pre><p id="rfc.section.3.4.p.3">The HTTP access authentication process is described in "HTTP Authentication: Basic and Digest Access Authentication" <a href="#RFC2617" id="rfc.xref.RFC2617.7"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>. User agents are advised to take special care in parsing the WWW-Authenticate field value as it might contain more than one 606 606 challenge, or if more than one WWW-Authenticate header field is provided, the contents of a challenge itself can contain a
Note: See TracChangeset
for help on using the changeset viewer.