W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1998

Proxy Auth???

From: Paul Leach <paulle@microsoft.com>
Date: Thu, 6 Aug 1998 23:48:16 -0700
Message-Id: <CB6657D3A5E0D111A97700805FFE65875D7429@red-msg-51.dns.microsoft.com>
To: http-wg@hplb.hpl.hp.com
Is Proxy-Authorization only sent after 407, or can it also be sent after
401? Section 3.6 (entitled Proxy-Authentication and Proxy-Authorization)
says that:
 
Upon receiving a request which requires authentication, the proxy/server
must issue the "HTTP/1.1 401 Unauthorized " response with a
"Proxy-Authenticate" header.

Section 1.2 says:

The 401 (Unauthorized) response message is used by an origin server to
challenge the authorization of a user agent. This response MUST include a
WWW-Authenticate header field containing at least one challenge applicable
to the requested resource. The 407 (Proxy Authentication Required) response
message is used by a proxy to challenge the authorization of a client and
MUST include a Proxy-Authenticate header field containing a challenge
applicable to the proxy for the requested resource.
Received on Thursday, 6 August 1998 23:49:57 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:19 EDT