W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2002

Re: Digest authentication

From: Jim Luther <luther.j@apple.com>
Date: Wed, 18 Sep 2002 10:28:17 -0700
Cc: Webdav WG <w3c-dist-auth@w3c.org>
To: Dirk-Willem van Gulik <dirkx@webweaving.org>
Message-Id: <04E6BDDD-CB2C-11D6-A0E5-0003934B6A22@apple.com>

On Wednesday, September 18, 2002, at 03:46 AM, Dirk-Willem van Gulik 
wrote:

>
> On Tue, 17 Sep 2002, Jim Luther wrote:
>
>> I should have brought this issue up during the Interop event in Santa
>> Cruz, because many of the servers I tested against there did not
>> support Digest authentication. Since Digest support is a MUST in
>> RFC2518, it would be nice if our client could depend on it and not 
>> have
>> to bother users with a warning.
>
> Note that Apache 1.3 has most recently (2002-10-10) been patched to
> interoperate with Apple's DAV client in MacOS 10.x
>
> The issue was that the "Authorization" line contained a mix of quoted 
> and
> non quoted tokens; and apache used to barf on a non quoated uri value
> which non alphanum chars. This is now fixed. Apache 2.0 was fine all 
> along.

All of the tokens in our Authorization header are quoted in the Mac OS 
X 10.1.3 and later WebDAV file system clients. That bug was only in the 
10.1.1 client.

Since all of the Mac OS X 10.1.x updates were free to 10.1 customers, 
most users that haven't moved to 10.2 should be running 10.1.5.

- Jim
Received on Wednesday, 18 September 2002 13:28:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:01 GMT