W3C home > Mailing lists > Public > www-forms@w3.org > May 2002

XForms requirement 5.8: HTTP Authentication Front-end

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Sun, 26 May 2002 00:57:34 +0200
To: www-forms@w3.org, www-html@w3.org
Message-ID: <9v10fuoiq6lgk3sq1ndsh5icvf848a7jet@4ax.com>
Hi,

I'd like to know what happend to requirement 5.8 of the XHTML Forms
Requirements document [1]:

[...]
  5.8 HTTP Authentication Front-end

    Current user agents typically implement HTTP authentication with a
    pop-up window requesting name and password. It should be possible
    for XForms to be used as a front end for HTTP authentication.
[...]

There are many people who use different ways of authentication
management on web sites, essentially cookies or proprietary means
of "session tracking", e.g. appending some session id to all URIs
after the user once has logged into the site using some HTML form.
Many of them do so, because HTTP authentication as commonly implemented
into browsers does not fit their design and/or usability demands. I
think this is a unnecessary, sometimes harmful abuse of technology and
have hoped, XHTML 2.0 could make a change considering it's XForms
integration.

The latest draft does not discuss this feature, so I fear XForms 1.0
and/or it's integration into XHTML 2.0 will not enable web page authors
to use XForms for HTTP authentication. Is this true and if yes, why?

[1] http://www.w3.org/TR/2001/WD-xhtml-forms-req-20010404

regards.
Received on Saturday, 25 May 2002 18:58:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 10 March 2012 06:21:51 GMT