[whatwg] Solving the login/logout problem in HTML

On Thu, Nov 27, 2008 at 5:56 PM, Julian Reschke wrote:
> Thomas Broyer wrote:
>> I don't really mind, as long as the server is able to say "I give you
>> this thing to you anonymous user, but you can also authenticate (e.g.
>> to be proposed more features)". This is the exact use-case many web
>> site (including most if not all e-commerce web sites) are facing, and
>> it'd be cool that it could be dealt with at the HTTP level.
> Yes, I agree that this is a valid use case. I think "Vary: Authentication"
> is sufficient for a client to detect that authenticating will indeed have an
> effect.
> What else do we need?

A challenge ! ;-)

...so that the UA knows *how* to authenticate (hence the
"WWW-Authenticate in 200" suggestion)

Thomas Broyer

Received on Thursday, 27 November 2008 09:15:12 UTC