Changeset 2452
- Timestamp:
- 30/10/13 16:16:19 (9 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p7-auth.html
r2450 r2452 692 692 <p id="rfc.section.2.1.p.16">A server receiving credentials that are valid, but not adequate to gain access, ought to respond with the <a href="p2-semantics.html#status.403" class="smpl">403 (Forbidden)</a> status code (<a href="p2-semantics.html#status.403" title="403 Forbidden">Section 6.5.3</a> of <a href="#Part2" id="rfc.xref.Part2.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>). 693 693 </p> 694 <p id="rfc.section.2.1.p.17"> The HTTP protocol does not restrict applications to this simple challenge-response framework for access authentication. Additional695 mechanisms can be used, such as encryption at the transport level or via message encapsulation, and with additional header696 fields specifyingauthentication information. However, such additional mechanisms are not defined by this specification.694 <p id="rfc.section.2.1.p.17">HTTP does not restrict applications to this simple challenge-response framework for access authentication. Additional mechanisms 695 can be used, such as encryption at the transport level or via message encapsulation, and with additional header fields specifying 696 authentication information. However, such additional mechanisms are not defined by this specification. 697 697 </p> 698 698 <p id="rfc.section.2.1.p.18">A proxy <em class="bcp14">MUST</em> forward the <a href="#header.www-authenticate" class="smpl">WWW-Authenticate</a> and <a href="#header.authorization" class="smpl">Authorization</a> header fields unmodified and follow the rules found in <a href="#header.authorization" id="rfc.xref.header.authorization.1" title="Authorization">Section 4.1</a>. -
draft-ietf-httpbis/latest/p7-auth.xml
r2450 r2452 262 262 </t> 263 263 <t> 264 The HTTP protocoldoes not restrict applications to this simple264 HTTP does not restrict applications to this simple 265 265 challenge-response framework for access authentication. Additional 266 266 mechanisms can be used, such as encryption at the transport level or
Note: See TracChangeset
for help on using the changeset viewer.