W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

RE: ISSUE: MUST a client wait for 100 when doing PUT or POST requests?

From: Wingard, Steve <swingard@spyglass.com>
Date: Tue, 10 Jun 1997 18:13:09 -0500
Message-Id: <c=US%a=_%p=Spyglass%l=SPYBEM01-970610231309Z-24324@spybem01.nap.spyglass.com>
To: 'John Franks' <john@math.nwu.edu>, 'Scott Lawrence' <lawrence@agranat.com>
Cc: "'http-wg@cuckoo.hpl.hp.com'" <http-wg@cuckoo.hpl.hp.com>
On Tuesday, June 10, 1997 5:28 PM, John Franks [SMTP:john@math.nwu.edu]
wrote:
> 
> It must be an *extremely* rare case that 1) a form requires
> authentication, 2) the response requires authentication, and 3) the
> authentication credentials for 1) and 2) are different!

Not necessarily "extremely" rare.  Embedded configuration
interfaces (which Scott used as an example) are probably
the most common case today -- access to VIEW a form detailing
the configuration or status of a printer may be granted to a
fairly wide (but not universal) audience.  But the group of
people that are actually allowed to MODIFY that configuration
by submitting the form with new values would be much smaller.
Using different realms for "view" vs. "set" is a very straightforward
way to accomplish this.


Steve Wingard
Spyglass
Received on Tuesday, 10 June 1997 16:49:47 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:44 EDT