- From: Scott Lawrence <lawrence@agranat.com>
- Date: Thu, 22 Jan 1998 09:00:34 -0500
- To: Ben Laurie <ben@algroup.co.uk>
- Cc: http-wg@cuckoo.hpl.hp.com
>>>>> "BL" == Ben Laurie <ben@algroup.co.uk> writes: BL> I've just glanced through this, perhaps I've missed something. If nonces BL> are going to be time-limited, we need a response that means "your nonce BL> has expired" so the user is not prompted for a password again. It's in there... the server sends a 401 response, with the WWW-Authenticate header to provide nonce and 'stale=true' to indicate that it was the expired nonce that was the problem rather than the credentials. -- Scott Lawrence EmWeb Embedded Server <lawrence@agranat.com> Agranat Systems, Inc. Engineering http://www.agranat.com/
Received on Thursday, 22 January 1998 06:17:49 UTC