#314: realm parameter syntax





Proposed Change:

Remove the parameter-specific ABNF and describe the syntax in prose; 
noting that many recipients accept token as well, thus new recipients 
may have to, as well.

The new description would read:

2.2.  Protection Space (Realm)

    The authentication parameter realm is reserved for use by
    authentication schemes that wish to indicate the scope of protection.

    A protection space is defined by the canonical root URI (the scheme
    and authority components of the effective request URI; see Section
    4.3 of [Part1]) of the server being accessed, in combination with the
    realm value if present.  These realms allow the protected resources
    on a server to be partitioned into a set of protection spaces, each
    with its own authentication scheme and/or authorization database.
    The realm value is a string, generally assigned by the origin server,
    which can have additional semantics specific to the authentication
    scheme.  Note that there can be multiple challenges with the same
    auth-scheme but different realms.

    The protection space determines the domain over which credentials can
    be automatically applied.  If a prior request has been authorized,
    the same credentials MAY be reused for all other requests within that
    protection space for a period of time determined by the
    authentication scheme, parameters, and/or user preference.  Unless
    otherwise defined by the authentication scheme, a single protection
    space cannot extend outside the scope of its server.

    For historical reasons, senders MUST only use the quoted-string
    syntax.  Recipients might have to support both token and quoted-
    string syntax as both have been accepted by common user-agents for
    many years.

See also: 

Feedback appreciated, Julian

Received on Sunday, 20 November 2011 16:52:46 UTC