[6599] in www-talk@info.cern.ch


authentication cleanups

daemon@ATHENA.MIT.EDU (Tony Sanders)
Wed Nov 9 19:50:56 1994

Date: Thu, 10 Nov 1994 01:06:22 +0100
Errors-To: listmaster@www0.cern.ch
Reply-To: sanders@earth.com
From: Tony Sanders <sanders@earth.com>
To: Multiple recipients of list <www-talk@www0.cern.ch>

Perhaps servers should return an indication of what area is
covered by the authentication.  For example:

Client:
	GET /protected/recipies/secret-sauce/ingredients HTTP/1.0
	...
Server:
	401 Unauthorized
	WWW-Authenticate: Basic realm="burgers_and_fries"
	WWW-Realm-Partial: /protected/recipies/, /protected/foods/
	...
Client:
	GET /protected/recipies/secret-sauce/ingredients HTTP/1.0
	Authorization: Basic mickeyd:passwd
	...

And now the client knows that it is ok to send the username/password on
an access to /protected/recipies/fries or /protected/foods/fries but that
should the user select something in /protected/payroll/* then it would
*not* send the user's password to that area because they would probably
generate a security warning being issued.

Does this make sense?
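
Added example (not part of the original post): a Python sketch of the client-side check the message describes, deciding from the proposed WWW-Realm-Partial header whether stored credentials may accompany a later request. The function names, the host www.example.com and the rule that the origin must also match are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed 401 response headers, copied from the exchange in the post.
SAMPLE_401 = {
    "WWW-Authenticate": 'Basic realm="burgers_and_fries"',
    "WWW-Realm-Partial": "/protected/recipies/, /protected/foods/",
}

def parse_scope(headers):
    """Return (realm, [path prefixes]) advertised by a 401 response."""
    scheme, _, params = headers["WWW-Authenticate"].partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("only Basic is handled in this sketch")
    realm = params.split("realm=", 1)[1].strip().strip('"')
    prefixes = []
    for item in headers.get("WWW-Realm-Partial", "").split(","):
        item = item.strip()
        if item.startswith("/"):
            # Force a trailing slash so matching is per path segment:
            # /protected/recipies/ must not cover /protected/recipies-old/.
            prefixes.append(item.rstrip("/") + "/")
    return realm, prefixes

def canonical_path(url):
    """Percent-decode and collapse dot segments before comparing."""
    path = unquote(urlsplit(url).path)
    norm = posixpath.normpath(path)
    # normpath drops a trailing slash; restore it for directory URLs.
    if path.endswith("/") and norm != "/":
        norm += "/"
    return norm

def may_send_credentials(url, origin, prefixes):
    """True only for same-origin URLs inside an advertised prefix.

    origin is a (scheme, host) pair, e.g. ("http", "www.example.com").
    """
    parts = urlsplit(url)
    if (parts.scheme, parts.netloc.lower()) != origin:
        return False  # never replay the password to another server
    path = canonical_path(url)
    return any(path.startswith(p) or path + "/" == p for p in prefixes)
```

Canonicalizing before the prefix comparison matters: without it, a link such as /protected/recipies/../payroll/ would match the advertised prefix as a string while actually pointing outside it.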
