W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2010

Re: Issue 146, was: Users with different access rights in HTTP Authentication

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 21 Jul 2010 15:00:46 +0200
Message-ID: <4C46EF7E.1030207@gmx.de>
To: Willy Tarreau <w@1wt.eu>
CC: "William A. Rowe Jr." <wrowe@rowe-clan.net>, "Roy T. Fielding" <fielding@gbiv.com>, Mark Nottingham <mnot@mnot.net>, David Morris <dwm@xpasc.com>, HTTP Working Group <ietf-http-wg@w3.org>, Martin Atkins <mart@degeneration.co.uk>
On 21.07.2010 14:43, Willy Tarreau wrote:
> ...
> Anyway, it still leaves open the expected behaviour on the client. What
> should a client do when facing such a response which indicates that
> (re-)authenticating as a different user *may* help satisfy the condition ?
> ...

The client can at least display a meaningful message ("you are not 
allowed to edit this resource" as opposed to "this resource is not 
editable").

For non-interactive clients (think remoting access to a CMS over HTTP), 
it may effect the type of error message sent up to the caller.

Best regards, Julian
Received on Wednesday, 21 July 2010 13:01:36 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:23 GMT