W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2002

FW: Web Folders Simple Authentication

From: Jim Whitehead <ejw@cse.ucsc.edu>
Date: Wed, 17 Apr 2002 12:05:36 -0700
To: "WebDAV" <w3c-dist-auth@w3.org>
Accidentally caught by the spam filter.

- Jim
-----Original Message-----
From: Kamran Kashanian [mailto:kamrankash@mindspring.com]
Sent: Tuesday, April 16, 2002 9:20 PM
To: w3c-dist-auth@w3.org
Subject: [Moderator Action] Web Folders Simple Authentication

I am implementing a WebDAV server and trying to get it to work with
Microsoft Web Folders with simple authentication.

My question is:

In order to use simple authentication, I issue an http challenge from my
server by using the 401 error response and the www-Authenticate header in
the http response.

Web Folders (explorer) correctly prompts the user to login and sends a
base64 Authentication string with the next request.

Is Web Folders supposed to send the same Authentication string header with
all subsequent requests for resources? It looks like it does not do this. It
only sends the authentication header once. My server looks for the
authentication header to determine if the user has already been
authenticated. If the authentication header is missing, the server issues
the 401 error again forcing the user to login again.

I tested my server with DAV Explorer, and it sends the authentication string
with all requests after the user has logged in.

Is this behavior a bug in Web folders.


Received on Wednesday, 17 April 2002 15:05:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:25 UTC