W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2011

Re: best status code for bad auth method

From: Adrien de Croy <adrien@qbik.com>
Date: Fri, 09 Dec 2011 15:03:52 +1300
Message-ID: <4EE16C88.1030204@qbik.com>
To: HTTP Working Group <ietf-http-wg@w3.org>

that was my initial though too, but in this case we'd already sent a 407 
with advertised methods, so the client already got it wrong once...

Regards

Adrien


On 9/12/2011 3:02 p.m., Mark Nottingham wrote:
> I think that'd be a 407; this basically says "here is the list of accepted auth methods" and the client can put two and two together...
>
> Cheers,
>
>
> On 09/12/2011, at 12:57 PM, Adrien de Croy wrote:
>
>> Hi all
>>
>> hopefully a quick question...
>>
>> what is the best response code for a proxy that receives a request with a Proxy-Authorization header that specifies a method that is not acceptable to the proxy?
>>
>> another 407?
>> 403?  We don't want the client to repeat the request as is...
>>
>> or do we need a new status code for "auth method not allowed".
>>
>> Regards
>>
>> Adrien de Croy
>>
>> --
>> Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
>> WinGate 7 is released! - http://www.wingate.com/getlatest/
>>
>>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>

-- 
Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
WinGate 7 is released! - http://www.wingate.com/getlatest/
Received on Friday, 9 December 2011 02:04:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:50 GMT