- From: Dan Burton <DPBURTON@novell.com>
- Date: Thu, 01 Jun 2000 09:14:09 -0600
- To: "<"<w3c-dist-auth@w3.org>
In my original message I said this may be out of the scope of WebDAV, but now I think it is critical to WebDAV. We a currently working on this issue with a large customer. With a normal HTTP client (one that renders html) it is possible to solve the expired password problem. However, with WebDAV clients there currently is no way to solve this problem. This is currently THE issue that is preventing the adoption of WebDAV for this customer. If we want to have people use the WebDAV protocol we have to be willing to solve problems like this one. >>> "Kevin Dyer" <kevin.dyer@matrix-one.com> 05/26/00 05:56AM >>> Changing passwords may be out-of-scope but providing a return code mechanism for revoking credentials, or to inform the user that their password/temporary password must be renewed is not. About a year and a half ago I made a suggestion to the HTTP-WG that we add a return code or set of return codes to do just that. Provide a mechanism to the underlying authentication and authorization systems that allows the system to notify it's users in a standardized manner that something needs to be addressed. The suggestion was tabled due to the timing and where 1.1 was in the loop. As Dan points out most of the new clients that are interfacing with a WebDAV server are not browsers so they are incapable of displaying HTML pages. So what do we put into the protocol to allow such interoperability?
Received on Thursday, 1 June 2000 11:22:14 UTC