Changeset 1356 for draft-ietf-httpbis/latest/p7-auth.html
- Timestamp: 26/07/11 16:00:04 (12 years ago)
- File: 1 edited
draft-ietf-httpbis/latest/p7-auth.html
r1354 r1356 545 545 <li>2.1 <a href="#challenge.and.response">Challenge and Response</a></li> 546 546 <li>2.2 <a href="#protection.space">Protection Space (Realm)</a></li> 547 <li>2.3 <a href="#authentication.scheme.registry">Authentication Scheme Registry</a></li> 547 <li>2.3 <a href="#authentication.scheme.registry">Authentication Scheme Registry</a><ul> 548 <li>2.3.1 <a href="#considerations.for.new.authentication.schemes">Considerations for New Authentication Schemes</a></li> 549 </ul> 550 </li> 548 551 </ul> 549 552 </li> … … 707 710 <p id="rfc.section.2.3.p.4">The registry itself is maintained at <<a href="http://www.iana.org/assignments/http-authschemes">http://www.iana.org/assignments/http-authschemes</a>>. 708 711 </p> 712 <h3 id="rfc.section.2.3.1"><a href="#rfc.section.2.3.1">2.3.1</a> <a id="considerations.for.new.authentication.schemes" href="#considerations.for.new.authentication.schemes">Considerations for New Authentication Schemes</a></h3> 713 <p id="rfc.section.2.3.1.p.1">There are certain aspects of the HTTP Authentication Framework that put constraints on how new authentication schemes can 714 work: 715 </p> 716 <p id="rfc.section.2.3.1.p.2"> </p> 717 <ul> 718 <li>Authentication schemes need to be compatible with the inherent constraints of HTTP; for instance, that messages need to keep 719 their semantics when inspected in isolation, thus an authentication scheme can not bind information to the TCP session over 720 which the message was received (see <a href="p1-messaging.html#message-orientation-and-buffering" title="Message Orientation and Buffering">Section 2.2</a> of <a href="#Part1" id="rfc.xref.Part1.7"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). 721 </li> 722 <li>The authentication parameter "realm" is reserved for defining Protection Spaces as defined in <a href="#protection.space" title="Protection Space (Realm)">Section 2.2</a>. 
New schemes <em class="bcp14">MUST NOT</em> use it in a way incompatible with that definition. 723 </li> 724 <li>Authentication schemes need to document whther they are usable in origin-server authentication (i.e., using WWW-Authenticate), 725 and/or proxy authentication (i.e., using Proxy-Authenticate). 726 </li> 727 </ul> 709 728 <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a> <a id="status.code.definitions" href="#status.code.definitions">Status Code Definitions</a></h1> 710 729 <div id="rfc.iref.8"></div> … … 752 771 <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a> <a id="header.proxy-authenticate" href="#header.proxy-authenticate">Proxy-Authenticate</a></h2> 753 772 <p id="rfc.section.4.2.p.1">The "Proxy-Authenticate" header field consists of a challenge that indicates the authentication scheme and parameters applicable 754 to the proxy for this effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1. 7"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included as part of a 407 (Proxy Authentication Required) response.773 to the proxy for this effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.8"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included as part of a 407 (Proxy Authentication Required) response. 
755 774 </p> 756 775 <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.2"></span> <a href="#header.proxy-authenticate" class="smpl">Proxy-Authenticate</a> = 1#<a href="#challenge.and.response" class="smpl">challenge</a> … … 776 795 <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a> <a id="header.www-authenticate" href="#header.www-authenticate">WWW-Authenticate</a></h2> 777 796 <p id="rfc.section.4.4.p.1">The "WWW-Authenticate" header field consists of at least one challenge that indicates the authentication scheme(s) and parameters 778 applicable to the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1. 8"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included in 401 (Unauthorized) response messages.797 applicable to the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 4.3</a> of <a href="#Part1" id="rfc.xref.Part1.9"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). It <em class="bcp14">MUST</em> be included in 401 (Unauthorized) response messages. 
779 798 </p> 780 799 <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.4"></span> <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> = 1#<a href="#challenge.and.response" class="smpl">challenge</a> … … 1089 1108 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/177">http://tools.ietf.org/wg/httpbis/trac/ticket/177</a>>: "Realm required on challenges" 1090 1109 </li> 1110 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/257">http://tools.ietf.org/wg/httpbis/trac/ticket/257</a>>: "Considerations for new authentications schemes" 1111 </li> 1091 1112 </ul> 1092 1113 <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1> … … 1134 1155 </li> 1135 1156 <li><a id="rfc.index.P" href="#rfc.index.P"><b>P</b></a><ul> 1136 <li><em>Part1</em> <a href="#rfc.xref.Part1.1">1.2</a>, <a href="#rfc.xref.Part1.2">1.2.1</a>, <a href="#rfc.xref.Part1.3">1.2.1</a>, <a href="#rfc.xref.Part1.4">1.2.1</a>, <a href="#rfc.xref.Part1.5">1.2.1</a>, <a href="#rfc.xref.Part1.6">2.2</a>, <a href="#rfc.xref.Part1.7"> 4.2</a>, <a href="#rfc.xref.Part1.8">4.4</a>, <a href="#Part1"><b>8.1</b></a><ul>1157 <li><em>Part1</em> <a href="#rfc.xref.Part1.1">1.2</a>, <a href="#rfc.xref.Part1.2">1.2.1</a>, <a href="#rfc.xref.Part1.3">1.2.1</a>, <a href="#rfc.xref.Part1.4">1.2.1</a>, <a href="#rfc.xref.Part1.5">1.2.1</a>, <a href="#rfc.xref.Part1.6">2.2</a>, <a href="#rfc.xref.Part1.7">2.3.1</a>, <a href="#rfc.xref.Part1.8">4.2</a>, <a href="#rfc.xref.Part1.9">4.4</a>, <a href="#Part1"><b>8.1</b></a><ul> 1137 1158 <li><em>Section 1.2</em> <a href="#rfc.xref.Part1.1">1.2</a></li> 1138 1159 <li><em>Section 1.2.2</em> <a href="#rfc.xref.Part1.2">1.2.1</a>, <a href="#rfc.xref.Part1.3">1.2.1</a>, <a href="#rfc.xref.Part1.4">1.2.1</a>, <a href="#rfc.xref.Part1.5">1.2.1</a></li> 1139 <li><em>Section 4.3</em> <a href="#rfc.xref.Part1.6">2.2</a>, <a href="#rfc.xref.Part1.7">4.2</a>, <a href="#rfc.xref.Part1.8">4.4</a></li> 1160 <li><em>Section 2.2</em> <a 
href="#rfc.xref.Part1.7">2.3.1</a></li> 1161 <li><em>Section 4.3</em> <a href="#rfc.xref.Part1.6">2.2</a>, <a href="#rfc.xref.Part1.8">4.2</a>, <a href="#rfc.xref.Part1.9">4.4</a></li> 1140 1162 </ul> 1141 1163 </li>
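Review bot: In the third bullet of the new Section 2.3.1 (new line 724), "whther" is a typo for "whether". In the same hunk the first bullet states the connection-binding constraint in lower case ("an authentication scheme can not bind information to the TCP session") while the second bullet uses a BCP 14 "MUST NOT" for "realm". It would help to decide whether the first constraint is also meant to be normative and word it to match, and to write "cannot" as one word. The empty paragraph `<p id="rfc.section.2.3.1.p.2"> </p>` in front of the list carries no text and can go if it is not needed for paragraph numbering.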
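Review bot: The fragment id rfc.xref.Part1.7 is reassigned in the 4.2 hunk (old line 754, new line 773): it now marks the new [Part1] reference in Section 2.3.1, and the references in Proxy-Authenticate and WWW-Authenticate move to rfc.xref.Part1.8 and rfc.xref.Part1.9. The index hunk follows the renumbering consistently, so the file is coherent on its own, but any existing link to #rfc.xref.Part1.7 or #rfc.xref.Part1.8 will now land in a different section. Worth confirming that nothing outside this file depends on those ids.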
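Review bot: The change-log entry for ticket 257 (new lines 1110-1111) reads "Considerations for new authentications schemes", which does not match the heading "Considerations for New Authentication Schemes" added in Section 2.3.1. If the quoted string is meant to reproduce the ticket title, check it against the ticket; otherwise use "authentication schemes" so the two agree.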