- From: Yves Lafon <ylafon@w3.org>
- Date: Wed, 18 Mar 1998 18:12:57 +0100 (MET)
- To: Paul Pazandak <pazandak@OBJS.com>
- cc: Jigsaw Email List <www-jigsaw@w3.org>
On Wed, 18 Mar 1998, Paul Pazandak wrote: > Is it possible to generate a username & password dialog (on the client) within a filter as > part of an auxiliary authorization mechanism (the same dialog that appears when logging > into the Admin pages on the server)? I would like to be able to do this independent of > any Jigsaw authorization mechanisms -- e.g. ask a client for a username/password before > letting them see a document. The best way should be to use the Proxy Authentication. It then allow users to browse pages with "normal" authentication From the server... If the Proxy-Authorization field is not present and do not contain the right values, it should return a HTTP.PROXY_AUTH_REQUIRED (407). And a Proxy-Authenticate header, (same as WWW-Authenticate field in an "unauthorized" answer, see GenericAuthFilter). > Second, IF the user already provided a username/password (for site access let's say, using > Jigsaw auth mechanisms), is there a way for the filter to access this information? Yes, the Proxy-Authorization field will be there (requested by the filter). We use a trick to check the user taken from an AuthFilter in w3c.jigsaw.filters.PutListResource (org.w3c.filters.PutListFrame). Regards, /\ - Yves Lafon - World Wide Web Consortium - /\ / \ Architecture Domain - Jigsaw / \ \/\ / \ / \ http://www.w3.org/People/Lafon - ylafon@w3.org
Received on Wednesday, 18 March 1998 12:13:55 UTC