W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2005

Re: [Ietf-caldav] [Fwd: draft-reschke-http-addmember-00]

From: Helge Hess <helge.hess@opengroupware.org>
Date: Thu, 17 Feb 2005 22:59:08 +0100
Message-Id: <bf43653a92ff37cd6a9c475389f45773@opengroupware.org>
To: 'Webdav WG' <w3c-dist-auth@w3c.org>

On 17. Feb 2005, at 22:51 Uhr, Jim Whitehead wrote:
> I don't think Expect allows you to easily determine what access control
> challenge you'll receive. Am I wrong?

Not sure what you mean by "access control challange". It allows you to 
determine whether authentication is required or valid prior pushing the 
content. Access control must be determined with WebDAV ACL or something 
similiar.

It goes like this:
1) client sends HTTP request header with expect: 100-continue
2) server checks the 'authorization' header
3) if authorization fails for the given method+header, the server sends
    a 401 with www-authenticate
4) if auth is OK, it sends a 100 Continue

Pretty much what you were asking for initially?

Greets,
   Helge
-- 
http://docs.opengroupware.org/Members/helge/
OpenGroupware.org
Received on Thursday, 17 February 2005 21:59:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:07 GMT