Opened 10 years ago
Closed 10 years ago
#357 closed design (fixed)
Authentication exchanges
| Reported by: | mnot@… | Owned by: | draft-ietf-httpbis-p7-auth@… |
|---|---|---|---|
| Priority: | normal | Milestone: | 20 |
| Component: | p7-auth | Severity: | In WG Last Call |
| Keywords: | | Cc: | |
Description
If the origin server does not wish to accept the credentials sent with a request, it SHOULD return a 401 (Unauthorized) response. The response MUST include a WWW-Authenticate header field containing at least one (possibly new) challenge applicable to the requested resource.
If a proxy does not accept the credentials sent with a request, it SHOULD return a 407 (Proxy Authentication Required). The response MUST include a Proxy-Authenticate header field containing a (possibly new) challenge applicable to the proxy for the requested resource.
I think this is a bit misleading. Can an authentication exchange include more than one round trip? I think you need to be explicit one way or another. (If it can, then "does not accept" is not necessarily correct.)
Attachments (1)
Change History (6)
Changed 10 years ago by julian.reschke@…
comment:1 Changed 10 years ago by julian.reschke@…
comment:2 Changed 10 years ago by julian.reschke@…
- Milestone changed from unassigned to 20
- Resolution set to incorporated
- Status changed from new to closed
comment:3 Changed 10 years ago by julian.reschke@…
comment:4 Changed 10 years ago by mnot@…
- Resolution incorporated deleted
- Status changed from closed to reopened
comment:5 Changed 10 years ago by mnot@…
- Resolution set to fixed
- Status changed from reopened to closed
Proposed patch