- From: Claire Agnew <clagnew@dodo.com.au>
- Date: Tue, 27 Jul 2004 11:58:03 +1000
- To: "'Matthew Smith'" <matt@kbc.net.au>, <w3c-wai-ig@w3.org>
Hi Matthew HTTP Authentication is my preferred method - for the reasons you give. Instead of the pop-up a scripting language can be used to manage the HTTP Authentication process (providing login and logout functionality via a web page). Cheers Claire -----Original Message----- From: w3c-wai-ig-request@w3.org [mailto:w3c-wai-ig-request@w3.org] On Behalf Of Matthew Smith Sent: Tuesday, 27 July 2004 11:27 AM To: WAI Interest Group Subject: Accessibility of Pages Requiring Sign-In Hi All I would be interested to hear peoples thoughts on the following two methods of protecting pages: 1) HTTP Basic Authentication For me, this is the easiest type to use when coding an application - Apache (the web server software) looks after everything for me. With graphical user agents, the sign-in appears as a pop-up. Does this not cause a problem with screen readers working with Mozilla/IE/etc. ? The only other flaw that this has, in my mind, is a security one rather than one of accessiblity; as the user agent tends to cache the authentication information, there is no real way to "log out" without closing the user agent. 2) Cookie Authentication This would appear quite friendly from a user perspective, but what if the user agent does not support cookies? It appears to me that neither solution is totally accessible, so what should one do? Cheers M -- Matthew Smith Kadina Business Consultancy South Australia --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.726 / Virus Database: 481 - Release Date: 22/07/2004
Received on Monday, 26 July 2004 21:57:55 UTC