On 10/3/06, Julian Reschke <julian.reschke@gmx.de> wrote: > Tim Olsen schrieb: > > Let's say I do an infinite-depth copy on /CollX to /CollY, and I have > > read permission on Collection C1, but not on Resource R1. In my > > multistatus response, do I have to specify a 401 for each URL for > > Resource R1 (/CollX/x.gif and /CollX/y.gif), or for just one of them? > > Independently of that question, it would be 403, right? I'm not sure. From HTTP/1.1 : "If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials." Whereas for 403: "Authorization will not help and the request SHOULD NOT be repeated." So if you have the option of authenticating with different credentials which may have the proper permissions, then I guess 401 is appropriate? thanks, TimReceived on Tuesday, 3 October 2006 14:47:48 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 October 2007 17:53:27 GMT