- From: David Morris <dwm@xpasc.com>
- Date: Mon, 12 Jun 2006 10:05:47 -0700 (PDT)
- cc: HTTP Working Group <ietf-http-wg@w3.org>
On Mon, 12 Jun 2006, Sylvain Hellegouarch wrote:
> Could not this be done via Digest Auth if browsers provided an API
> (understand via accessiblity from Javascript) allowing web app developers
> to nicely integrate the login/password fields in their page instead of
> that ugly popup all browsers use?
I've forgotten ... did digest authentication end up solving the logoff
issue? There have been two classic issues related to using cookie/urlfield
based authentication:
a. Having a decent dialog which the end user can relate to, can
include "forgot your password", etc.
b. Support of user logoff
an additional feature which can be implemented is periodic
re-authentication.
Received on Monday, 12 June 2006 17:06:00 UTC