- From: Paul Leach <paulle@microsoft.com>
- Date: Fri, 11 Sep 1998 11:56:56 -0700
- To: "'Nottingham, Mark (Australia)'" <mark_nottingham@exchange.au.ml.com>, http-wg@hplb.hpl.hp.com
Three comments: 1. Too late for HTTP/1.1 2. Please provide more motivation -- why not just authenticate to the internal web servers directly? 3. Even if desirable, how is the requirement to first authenticate with the proxy server enforced? > -----Original Message----- > From: Nottingham, Mark (Australia) > [mailto:mark_nottingham@exchange.au.ml.com] > Sent: Thursday, September 10, 1998 8:39 PM > To: http-wg@hplb.hpl.hp.com > Subject: passing on Proxy Authentication > > > > Is there any reason why proxy-authorization can't be passed onto > selected *Web* servers? It occured to me that this would be a nice way > to have a 'single login' in an Intranet situation; e.g., users use an > internal proxy, which they must authenticate for (for accounting/audit > purposes). Instead of re-typing a (possibly different) user/pass > combination to access protected internal resources, it would > be nifty to > reuse the Proxy-Authorization: information. >
Received on Friday, 11 September 1998 12:00:41 UTC