
Re: Multiple Realm Authentication?

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Thu, 09 Dec 2010 04:11:28 +0100
To: Zhi-Qiang Lei <zhiqiang.lei@gmail.com>
Cc: ietf-http-wg@w3.org
Message-ID: <dvh0g615d2erq8gmedvpi0jf6hfbgk357e@hive.bjoern.hoehrmann.de>
* Zhi-Qiang Lei wrote:
>On my multiuser application, some resources need to be authenticated
>(I'm using HTTP digest access authentication) by user A; as suggested
>by RFC 2617, I assign "A@example.com" to these resources. In the same
>way, the resources that need to be authenticated by user B belong to realm
>"B@example.com". But now I've got trouble: how do I assign the realms to
>the resources which need to be authenticated by either A or B? (The
>resources shared by A and B.) Thanks.

I am not quite following. Could you point out the specific passage in
RFC 2617 you are referring to? Looking at the RFC, you might mean

   realm
     A string to be displayed to users so they know which username and
     password to use. This string should contain at least the name of
     the host performing the authentication and might additionally
     indicate the collection of users who might have access. An example
     might be "registered_users@gotham.news.com".

This, however, refers to .all. registered users, not individual users.
Realms are something about where you are, not about who you are. You
can't give individual realms to individual users, because prior to any
authentication you do not know who the user is in order to generate a
user-specific realm. But I might well be missing something.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Thursday, 9 December 2010 03:12:10 GMT
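
An added example, not part of the original message or of RFC 2617: a sketch of the reply's point, with one realm for the whole protection space and the "A or B" question decided only after Digest authentication has established who the user is. The realm string, credentials, ACL and function names are constructed for illustration; nonce generation and expiry are left out.

```python
import hashlib
import hmac

REALM = "registered_users@example.com"  # one realm for all users (constructed)
PASSWORDS = {"A": "pw-a", "B": "pw-b", "C": "pw-c"}  # constructed sample credentials
# Assumption: per-resource authorization lives in an ACL, not in the realm.
ACL = {"/a-only": {"A"}, "/b-only": {"B"}, "/shared": {"A", "B"}}


def md5_hex(s):
    return hashlib.md5(s.encode()).hexdigest()


def challenge(nonce):
    """WWW-Authenticate value: the same for every resource, since the user is unknown."""
    return f'Digest realm="{REALM}", qop="auth", nonce="{nonce}"'


def digest_response(user, password, method, uri, nonce, nc, cnonce):
    """Request-digest for qop=auth as defined in RFC 2617 section 3.2.2.1."""
    ha1 = md5_hex(f"{user}:{REALM}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def handle(method, uri, creds, nonce):
    """Return an HTTP status; creds is the parsed Authorization header or None."""
    if creds is None:
        return 401  # send challenge(nonce); no identity to build a realm from yet
    password = PASSWORDS.get(creds["username"])
    stale = creds["realm"] != REALM or creds["nonce"] != nonce or creds["uri"] != uri
    if password is None or stale:
        return 401
    expected = digest_response(creds["username"], password, method, uri, nonce, creds["nc"], creds["cnonce"])
    if not hmac.compare_digest(expected, creds["response"]):
        return 401
    # Identity is now known, so "A or B" becomes an authorization check.
    return 200 if creds["username"] in ACL.get(uri, set()) else 403


def client_creds(user, password, method, uri, nonce):
    """Authorization fields a client would send (nc and cnonce are constructed)."""
    nc, cnonce = "00000001", "0a4f113b"
    return {"username": user, "realm": REALM, "nonce": nonce, "uri": uri, "nc": nc,
            "cnonce": cnonce, "response": digest_response(user, password, method, uri, nonce, nc, cnonce)}
```

An authenticated user outside the ACL gets 403 rather than a fresh 401, because the credentials were valid for the realm and only the authorization check failed.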
