W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2006

Re: Recognizing a WebDAV enabled client

From: Michael Wechner <michael.wechner@wyona.com>
Date: Mon, 03 Jul 2006 15:51:10 +0200
Message-ID: <44A920CE.5040209@wyona.com>
To: Manfred Baedke <manfred.baedke@greenbytes.de>
CC: Julian Reschke <julian.reschke@gmx.de>, w3c-dist-auth@w3.org

Manfred Baedke wrote:
> Hi Michael,
>> right, this might makes sense for formats. But I would argue with 
>> another usecase, namely Custom Authentication
>> instead of HTTP authentication (BASIC or DIGEST).
>> Let's assume a resource is protected and a server would like to offer 
>> custom authentication, e.g. it would send
>> a HTML to a regular browser and some WebDAV specific XML to a WebDAV 
>> enabled client, whereas I haven't digged into
>> WebDAV far enough how something like this could be handled by the 
>> WebDAV spec.
> as Julian pointed out, this form of authentication is not covered by 
> any specification, 

I think that's what confused me resp. I wanted to mix stuff which I have 
to agree doesn't make sense.

> so there is no reliable way for a generic client to handle it anyway 

well, if there would be a standard than I don't think this should be a 
problem. My suggestion would be that
the client sends a WWW-Authenticate header of its supported 
authentication schemes to the server and
the server then checks if one of the client's suggested authentication 
schemes is support by the server
and is able to respond appropriately resp. responding with an exception 
in the sense, that none of the suggested
authentication schemes is supported.

It seems to me that "WWW-Authenticate" is similar to "Accept" and that 
the client should make this suggestion first
and let the server react to it.

> (besides the fact that authentication has nothing to do with WebDAV).


Thanks for clarifying

> Regards,
> Manfred

Michael Wechner
Wyona      -   Open Source Content Management   -    Apache Lenya
http://www.wyona.com                      http://lenya.apache.org
michael.wechner@wyona.com                        michi@apache.org
+41 44 272 91 61
Received on Monday, 3 July 2006 13:51:20 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:40 UTC