Re: [#177] Realm required on challenges

ons 2009-07-08 klockan 10:02 +1200 skrev Adrien de Croy:

> When we added a realm, we couldn't find anywhere which specified how a 
> proxy should specify a realm of the entire universe.  In the end we used 
> realm="/"

It's an opaque string. There is no structure to realms, just equality.

>  This is nothing like a sitename, or anything the browser can use to 
> judge whether or not the credentials are usable or not for another 
> request.  So the browser has to simply assume the actual usability space 
> of the credentials are defined by host, port, etc etc.  Surely this 
> isn't the intent of realm?

The realm is in addition to the canonical root of the requested server,
or in case of 407 the Cacnonical-Root is proxy-host:port (or
http://proxy-host:port if you like, doesn't matter).

The protection space is defined by the tuple

 (Canonical-Root, Realm)

See 2617 1.2 Access Authentication Framework


Received on Friday, 17 July 2009 02:00:10 UTC