W3C home > Mailing lists > Public > public-xml-processing-model-wg@w3.org > July 2007

Re: authentication on http-requests

From: Norman Walsh <ndw@nwalsh.com>
Date: Tue, 03 Jul 2007 08:25:55 -0400
To: public-xml-processing-model-wg@w3.org
Message-ID: <877iphbrn0.fsf@nwalsh.com>
/ Alex Milowski <alex@milowski.org> was heard to say:
| I'd like to add at least a  'username' and 'password' attribute to
| c:http-request
| so that an "Authorization" header can be generated as appropriate.
|
| The minimum semantics would be that a p:http-request must respond to
| an authentication challenge if the authorization credentials are given.

Makes sense.

| Optionally, we could add a "auth-method" attribute that would take
| "basic" or "digest".  If that attribute is specified, an
| "Authorization" header would
| be generated on the first request to avoid a challenge response and
| resending of the request.

That seems fine to me, too.

                                        Be seeing you,
                                          norm

-- 
Norman Walsh <ndw@nwalsh.com> | All professional men are handicapped by
http://nwalsh.com/            | not being allowed to ignore things
                              | which are useless.-- Goethe

Received on Tuesday, 3 July 2007 12:26:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:53 GMT