W3C home > Mailing lists > Public > whatwg@whatwg.org > November 2008

[whatwg] Solving the login/logout problem in HTML

From: Thomas Broyer <t.broyer@gmail.com>
Date: Thu, 27 Nov 2008 18:15:12 +0100
Message-ID: <a9699fd20811270915q2e12335cl5400b67b32cf2cfb@mail.gmail.com>
On Thu, Nov 27, 2008 at 5:56 PM, Julian Reschke wrote:
> Thomas Broyer wrote:
>> I don't really mind, as long as the server is able to say "I give you
>> this thing to you anonymous user, but you can also authenticate (e.g.
>> to be proposed more features)". This is the exact use-case many web
>> site (including most if not all e-commerce web sites) are facing, and
>> it'd be cool that it could be dealt with at the HTTP level.
> Yes, I agree that this is a valid use case. I think "Vary: Authentication"
> is sufficient for a client to detect that authenticating will indeed have an
> effect.
> What else do we need?

A challenge ! ;-)

...so that the UA knows *how* to authenticate (hence the
"WWW-Authenticate in 200" suggestion)

Thomas Broyer
Received on Thursday, 27 November 2008 09:15:12 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:07 UTC