Accessibility of Pages Requiring Sign-In

Hi All

I would be interested to hear peoples thoughts on the following two methods of 
protecting pages:

1) HTTP Basic Authentication
For me, this is the easiest type to use when coding an application - Apache (the 
web server software) looks after everything for me.

With graphical user agents, the sign-in appears as a pop-up.  Does this not 
cause a problem with screen readers working with Mozilla/IE/etc. ?

The only other flaw that this has, in my mind, is a security one rather than one 
of accessiblity; as the user agent tends to cache the authentication 
information, there is no real way to "log out" without closing the user agent.


2) Cookie Authentication
This would appear quite friendly from a user perspective, but what if the user 
agent does not support cookies?


It appears to me that neither solution is totally accessible, so what should one do?

Cheers

M

-- 
Matthew Smith
Kadina Business Consultancy
South Australia

Received on Monday, 26 July 2004 21:26:57 UTC