W3C home > Mailing lists > Public > www-talk@w3.org > May to June 2002

Re: authentication scope with persistant connections

From: Mark Baker <distobj@acm.org>
Date: Sat, 1 Jun 2002 21:23:10 -0400
To: Simon Fell <soap@zaks.demon.co.uk>
Cc: www-talk@w3.org
Message-ID: <20020601212310.A1706@www.markbaker.ca>

Hi Simon,

On Sat, Jun 01, 2002 at 03:45:12PM -0700, Simon Fell wrote:
> 
> Hi,
> 
> I'm trying to work out how authentication and persistent connections
> interact. I initially thought that the authentication header will only
> apply to the scope of that particular HTTP exchange, however I'm
> seeing with IIS that subsequent requests on the same connection
> continue to be treated as authenticated even if the following request
> doesn't specify an authentication header. 
> 
> Can anyone clarify what the expected behavior should be ?

If that's what's happening, IIS is broken.  The connection style
doesn't impact the statelessness of the interaction.

Are you sure that's what you're observing?

MB
-- 
Mark Baker, CTO, Idokorro Mobile (formerly Planetfred)
Ottawa, Ontario, CANADA.               distobj@acm.org
http://www.markbaker.ca        http://www.idokorro.com
Received on Saturday, 1 June 2002 21:14:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:27 GMT