W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2011

Re: best status code for bad auth method

From: Mark Nottingham <mnot@mnot.net>
Date: Fri, 9 Dec 2011 13:02:19 +1100
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <4797152C-3EB0-479C-BB7F-CD7A42DA38AD@mnot.net>
To: Adrien de Croy <adrien@qbik.com>
I think that'd be a 407; this basically says "here is the list of accepted auth methods" and the client can put two and two together...

Cheers,


On 09/12/2011, at 12:57 PM, Adrien de Croy wrote:

> 
> Hi all
> 
> hopefully a quick question...
> 
> what is the best response code for a proxy that receives a request with a Proxy-Authorization header that specifies a method that is not acceptable to the proxy?
> 
> another 407?
> 403?  We don't want the client to repeat the request as is...
> 
> or do we need a new status code for "auth method not allowed".
> 
> Regards
> 
> Adrien de Croy
> 
> -- 
> Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
> WinGate 7 is released! - http://www.wingate.com/getlatest/
> 
> 

--
Mark Nottingham   http://www.mnot.net/
Received on Friday, 9 December 2011 02:02:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:50 GMT