- From: Jan Rygh TFU <Jan.Rygh@nta.no>
- Date: Fri, 18 Aug 1995 10:23:20 +0200
- To: www-talk@www10.w3.org
Hi, I run a Web server with protected areas, and I want to guide the users on what to do when they get a "401 Unauthorized" message. I can control the feedback to the user, but I found that the browsers handled the "401 Unauthorized" message quite differently. Almost all browsers give a promt for username/password when a "401 Unauthorized" message is received. If you give the right username/password combination you access the document you wanted to see. If not, you must "Cancel" the attempt of accessing the protected document. On "Cancel", some browsers show the document you came from, others show an "401 Unauthorized" document from the server (Mosaic has a bug when parsing this document). Actually there should be three choices on the authorization promt: 1. "OK", Authorization succeds. 2. "Cancel", user doesn't want to access protected area. 3. "Fail", user wants to enter protected area, but he fails to do so. The "OK" option returns the protected document, the "Cancel" option should do nothing and just keep the current document, the "Fail" option should return a document explaining why the document is protected and eventually what to do to get authorized access.
Received on Friday, 18 August 1995 04:26:34 UTC