>>>>> "BL" == Ben Laurie <ben@algroup.co.uk> writes: BL> I've just glanced through this, perhaps I've missed something. If nonces BL> are going to be time-limited, we need a response that means "your nonce BL> has expired" so the user is not prompted for a password again. It's in there... the server sends a 401 response, with the WWW-Authenticate header to provide nonce and 'stale=true' to indicate that it was the expired nonce that was the problem rather than the credentials. -- Scott Lawrence EmWeb Embedded Server <lawrence@agranat.com> Agranat Systems, Inc. Engineering http://www.agranat.com/Received on Thursday, 22 January 1998 06:17:49 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:04 UTC