> After reviewing the HTTP/1.0 draft I was unable to find in the status > codes section anything which I could use to report access authorization has > been denied because the password given has expired. There is not a separate status code for every possible error condition; instead, there are codes for classes of problems and the content of the message is used to explain the exact reason. In this case, the response should be some form of "Authorization Refused", but we seem to be lacking one of those. Do we need one? In the mean time, use 403 Forbidden and include an explanation in the message body. ....Roy T. Fielding Department of ICS, University of California, Irvine USA <fielding@ics.uci.edu> <URL:http://www.ics.uci.edu/dir/grad/Software/fielding>Received on Wednesday, 10 May 1995 19:55:27 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:42:55 UTC