FW: Web Folders Simple Authentication

Accidentally caught by the spam filter.

- Jim
-----Original Message-----
From: Kamran Kashanian [mailto:kamrankash@mindspring.com]
Sent: Tuesday, April 16, 2002 9:20 PM
To: w3c-dist-auth@w3.org
Subject: [Moderator Action] Web Folders Simple Authentication


I am implementing a WebDAV server and trying to get it to work with
Microsoft Web Folders with simple authentication.

My question is:

In order to use simple authentication, I issue an http challenge from my
server by using the 401 error response and the www-Authenticate header in
the http response.

Web Folders (explorer) correctly prompts the user to login and sends a
base64 Authentication string with the next request.

Is Web Folders supposed to send the same Authentication string header with
all subsequent requests for resources? It looks like it does not do this. It
only sends the authentication header once. My server looks for the
authentication header to determine if the user has already been
authenticated. If the authentication header is missing, the server issues
the 401 error again forcing the user to login again.

I tested my server with DAV Explorer, and it sends the authentication string
with all requests after the user has logged in.

Is this behavior a bug in Web folders.

Regards

Kamran

Received on Wednesday, 17 April 2002 15:05:58 UTC