Ignore:
Timestamp:
Jul 26, 2011, 8:44:53 AM (8 years ago)
Author:
julian.reschke@…
Message:

Realm is optional in new schemes (see #177)

Location:
draft-ietf-httpbis/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p7-auth.html

    r1350 r1354  
    359359  }
    360360  @bottom-center {
    361        content: "Expires January 26, 2012";
     361       content: "Expires January 27, 2012";
    362362  }
    363363  @bottom-right {
     
    404404      <meta name="dct.creator" content="Reschke, J. F.">
    405405      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
    406       <meta name="dct.issued" scheme="ISO8601" content="2011-07-25">
     406      <meta name="dct.issued" scheme="ISO8601" content="2011-07-26">
    407407      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    408408      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines HTTP Authentication.">
     
    435435            </tr>
    436436            <tr>
    437                <td class="left">Expires: January 26, 2012</td>
     437               <td class="left">Expires: January 27, 2012</td>
    438438               <td class="right">HP</td>
    439439            </tr>
     
    488488            <tr>
    489489               <td class="left"></td>
    490                <td class="right">July 25, 2011</td>
     490               <td class="right">July 26, 2011</td>
    491491            </tr>
    492492         </tbody>
     
    516516         in progress”.
    517517      </p>
    518       <p>This Internet-Draft will expire on January 26, 2012.</p>
     518      <p>This Internet-Draft will expire on January 27, 2012.</p>
    519519      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    520520      <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    679679      <p id="rfc.section.2.1.p.15">Proxies <em class="bcp14">MUST</em> forward the WWW-Authenticate and Authorization headers unmodified and follow the rules found in <a href="#header.authorization" id="rfc.xref.header.authorization.1" title="Authorization">Section&nbsp;4.1</a>.
    680680      </p>
     681      <div id="rfc.iref.p.1"></div>
     682      <div id="rfc.iref.r.1"></div>
    681683      <h2 id="rfc.section.2.2"><a href="#rfc.section.2.2">2.2</a>&nbsp;<a id="protection.space" href="#protection.space">Protection Space (Realm)</a></h2>
    682       <p id="rfc.section.2.2.p.1">The authentication parameter realm is defined for all authentication schemes:</p>
    683       <div id="rfc.figure.u.5"></div><pre class="inline"><span id="rfc.iref.r.1"></span><span id="rfc.iref.r.2"></span>  realm       = "realm" "=" realm-value
     684      <p id="rfc.section.2.2.p.1">The authentication parameter realm is reserved for use by authentication schemes that wish to indicate the scope of protection:</p>
     685      <div id="rfc.figure.u.5"></div><pre class="inline"><span id="rfc.iref.r.2"></span><span id="rfc.iref.r.3"></span>  realm       = "realm" "=" realm-value
    684686  realm-value = quoted-string
    685 </pre><p id="rfc.section.2.2.p.3">The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge. The realm value
    686          (case-sensitive), in combination with the canonical root URI (the scheme and authority components of the effective request
    687          URI; see <a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.6"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) of the server being accessed, defines the protection space. These realms allow the protected resources on a server to be
    688          partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database. The realm
    689          value is a string, generally assigned by the origin server, which can have additional semantics specific to the authentication
    690          scheme. Note that there can be multiple challenges with the same auth-scheme but different realms.
     687</pre><p id="rfc.section.2.2.p.3">A <dfn>protection space</dfn> is defined by the canonical root URI (the scheme and authority components of the effective request URI; see <a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.6"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) of the server being accessed, in combination with the realm value if present. These realms allow the protected resources
     688         on a server to be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization
     689         database. The realm value is a string, generally assigned by the origin server, which can have additional semantics specific
     690         to the authentication scheme. Note that there can be multiple challenges with the same auth-scheme but different realms.
    691691      </p>
    692692      <p id="rfc.section.2.2.p.4">The protection space determines the domain over which credentials can be automatically applied. If a prior request has been
     
    708708      </p>
    709709      <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a id="status.code.definitions" href="#status.code.definitions">Status Code Definitions</a></h1>
    710       <div id="rfc.iref.6"></div>
     710      <div id="rfc.iref.8"></div>
    711711      <div id="rfc.iref.s.1"></div>
    712712      <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;<a id="status.401" href="#status.401">401 Unauthorized</a></h2>
     
    716716         information.
    717717      </p>
    718       <div id="rfc.iref.7"></div>
     718      <div id="rfc.iref.9"></div>
    719719      <div id="rfc.iref.s.2"></div>
    720720      <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;<a id="status.407" href="#status.407">407 Proxy Authentication Required</a></h2>
     
    748748         </li>
    749749      </ol>
    750       <div id="rfc.iref.p.1"></div>
     750      <div id="rfc.iref.p.2"></div>
    751751      <div id="rfc.iref.h.2"></div>
    752752      <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;<a id="header.proxy-authenticate" href="#header.proxy-authenticate">Proxy-Authenticate</a></h2>
     
    759759         header field.
    760760      </p>
    761       <div id="rfc.iref.p.2"></div>
     761      <div id="rfc.iref.p.3"></div>
    762762      <div id="rfc.iref.h.3"></div>
    763763      <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;<a id="header.proxy-authorization" href="#header.proxy-authorization">Proxy-Authorization</a></h2>
     
    10851085      <p id="rfc.section.C.16.p.1">None.</p>
    10861086      <h2 id="rfc.section.C.17"><a href="#rfc.section.C.17">C.17</a>&nbsp;<a id="changes.since.15" href="#changes.since.15">Since draft-ietf-httpbis-p7-auth-15</a></h2>
    1087       <p id="rfc.section.C.17.p.1">None yet.</p>
     1087      <p id="rfc.section.C.17.p.1">Closed issues: </p>
     1088      <ul>
     1089         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/177">http://tools.ietf.org/wg/httpbis/trac/ticket/177</a>&gt;: "Realm required on challenges"
     1090         </li>
     1091      </ul>
    10881092      <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1>
    10891093      <p class="noprint"><a href="#rfc.index.4">4</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.W">W</a>
     
    10921096         <ul class="ind">
    10931097            <li><a id="rfc.index.4" href="#rfc.index.4"><b>4</b></a><ul>
    1094                   <li>401 Unauthorized (status code)&nbsp;&nbsp;<a href="#rfc.iref.6"><b>3.1</b></a>, <a href="#rfc.xref.status.401.1">5.2</a></li>
    1095                   <li>407 Proxy Authentication Required (status code)&nbsp;&nbsp;<a href="#rfc.iref.7"><b>3.2</b></a>, <a href="#rfc.xref.status.407.1">5.2</a></li>
     1098                  <li>401 Unauthorized (status code)&nbsp;&nbsp;<a href="#rfc.iref.8"><b>3.1</b></a>, <a href="#rfc.xref.status.401.1">5.2</a></li>
     1099                  <li>407 Proxy Authentication Required (status code)&nbsp;&nbsp;<a href="#rfc.iref.9"><b>3.2</b></a>, <a href="#rfc.xref.status.407.1">5.2</a></li>
    10961100               </ul>
    10971101            </li>
     
    11401144                     </ul>
    11411145                  </li>
    1142                   <li>Proxy-Authenticate header field&nbsp;&nbsp;<a href="#rfc.xref.header.proxy-authenticate.1">3.2</a>, <a href="#rfc.iref.p.1"><b>4.2</b></a>, <a href="#rfc.xref.header.proxy-authenticate.2">5.3</a></li>
    1143                   <li>Proxy-Authorization header field&nbsp;&nbsp;<a href="#rfc.xref.header.proxy-authorization.1">3.2</a>, <a href="#rfc.iref.p.2"><b>4.3</b></a>, <a href="#rfc.xref.header.proxy-authorization.2">5.3</a></li>
     1146                  <li>Protection Space&nbsp;&nbsp;<a href="#rfc.iref.p.1">2.2</a></li>
     1147                  <li>Proxy-Authenticate header field&nbsp;&nbsp;<a href="#rfc.xref.header.proxy-authenticate.1">3.2</a>, <a href="#rfc.iref.p.2"><b>4.2</b></a>, <a href="#rfc.xref.header.proxy-authenticate.2">5.3</a></li>
     1148                  <li>Proxy-Authorization header field&nbsp;&nbsp;<a href="#rfc.xref.header.proxy-authorization.1">3.2</a>, <a href="#rfc.iref.p.3"><b>4.3</b></a>, <a href="#rfc.xref.header.proxy-authorization.2">5.3</a></li>
    11441149               </ul>
    11451150            </li>
    11461151            <li><a id="rfc.index.R" href="#rfc.index.R"><b>R</b></a><ul>
    1147                   <li><tt>realm</tt>&nbsp;&nbsp;<a href="#rfc.iref.r.1"><b>2.2</b></a></li>
    1148                   <li><tt>realm-value</tt>&nbsp;&nbsp;<a href="#rfc.iref.r.2"><b>2.2</b></a></li>
     1152                  <li>Realm&nbsp;&nbsp;<a href="#rfc.iref.r.1">2.2</a></li>
     1153                  <li><tt>realm</tt>&nbsp;&nbsp;<a href="#rfc.iref.r.2"><b>2.2</b></a></li>
     1154                  <li><tt>realm-value</tt>&nbsp;&nbsp;<a href="#rfc.iref.r.3"><b>2.2</b></a></li>
    11491155                  <li><em>RFC2119</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2119.1">1.1</a>, <a href="#RFC2119"><b>8.1</b></a></li>
    11501156                  <li><em>RFC2616</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2616.1">1</a>, <a href="#rfc.xref.RFC2616.2">7</a>, <a href="#RFC2616"><b>8.2</b></a>, <a href="#rfc.xref.RFC2616.3">C.1</a></li>
  • draft-ietf-httpbis/latest/p7-auth.xml

    r1344 r1354  
    388388
    389389<section title="Protection Space (Realm)" anchor="protection.space">
    390 <t>
    391    The authentication parameter realm is defined for all authentication
    392    schemes:
     390  <iref item="Protection Space"/>
     391  <iref item="Realm"/>
     392<t>
     393   The authentication parameter realm is reserved for use by authentication
     394   schemes that wish to indicate the scope of protection:
    393395</t>
    394396<figure><artwork type="abnf2616"><iref item="realm" primary="true"/><iref item="realm-value" primary="true"/>
     
    397399</artwork></figure>
    398400<t>
    399    The realm directive (case-insensitive) is required for all
    400    authentication schemes that issue a challenge. The realm value
    401    (case-sensitive), in combination with the canonical root URI
    402    (the scheme and authority components of the effective request URI; see
    403    <xref target="Part1" x:fmt="of" x:rel="#effective.request.uri"/>) of the server being accessed, defines the protection space.
     401   A <x:dfn>protection space</x:dfn> is defined by the canonical root URI (the
     402   scheme and authority components of the effective request URI; see
     403   <xref target="Part1" x:fmt="of" x:rel="#effective.request.uri"/>) of the
     404   server being accessed, in combination with the realm value if present.
    404405   These realms allow the protected resources on a server to be
    405406   partitioned into a set of protection spaces, each with its own
     
    12211222<section title="Since draft-ietf-httpbis-p7-auth-15" anchor="changes.since.15">
    12221223<t>
    1223   None yet.
     1224  Closed issues:
     1225  <list style="symbols">
     1226    <t>
     1227      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/177"/>:
     1228      "Realm required on challenges"
     1229    </t>
     1230  </list>
    12241231</t>
    12251232</section>
Note: See TracChangeset for help on using the changeset viewer.