W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Re: Regarding Authentication

From: Ross Patterson <Ross_Patterson@ns.reston.vmd.sterling.com>
Date: Thu, 20 Nov 97 14:32:22 EST
Message-Id: <199711201940.AA23781@reston.vmd.sterling.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Sambasiva Rao <sams@wipinfo.soft.net> writes:

>Few issues related to Authentication  are as following :
>
>1> In the authentication credentials field defined as following
>
>       credentials  = basic-credentials
>                       |auth-scheme #auth-param
>       in RFC2068.
>
>       a> Does this mean the server must produce parse error if the client
>sends two or more scheme credentials ?

Yes, that's what it means.  There is no provision in HTTP 1.1 for
multiple sets of credentials on an Authorization header.  By extension,
that also means that there is no provision multiple Authorization headers
in a request.

Ross Patterson
Sterling Software, Inc.
VM Software Division
Received on Thursday, 20 November 1997 11:40:26 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:03 EDT