- From: Yves Lafon <ylafon@w3.org>
- Date: Wed, 18 Mar 1998 18:12:57 +0100 (MET)
- To: Paul Pazandak <pazandak@OBJS.com>
- cc: Jigsaw Email List <www-jigsaw@w3.org>
On Wed, 18 Mar 1998, Paul Pazandak wrote:
> Is it possible to generate a username & password dialog (on the client) within a filter as
> part of an auxiliary authorization mechanism (the same dialog that appears when logging
> into the Admin pages on the server)? I would like to be able to do this independent of
> any Jigsaw authorization mechanisms -- e.g. ask a client for a username/password before
> letting them see a document.
The best way should be to use the Proxy Authentication. It then allow
users to browse pages with "normal" authentication
From the server...
If the Proxy-Authorization field is not present and do not contain the
right values, it should return a HTTP.PROXY_AUTH_REQUIRED (407).
And a Proxy-Authenticate header, (same as WWW-Authenticate field in an
"unauthorized" answer, see GenericAuthFilter).
> Second, IF the user already provided a username/password (for site access let's say, using
> Jigsaw auth mechanisms), is there a way for the filter to access this information?
Yes, the Proxy-Authorization field will be there (requested by the
filter). We use a trick to check the user taken from an AuthFilter in
w3c.jigsaw.filters.PutListResource (org.w3c.filters.PutListFrame).
Regards,
/\ - Yves Lafon - World Wide Web Consortium -
/\ / \ Architecture Domain - Jigsaw
/ \ \/\
/ \ / \ http://www.w3.org/People/Lafon - ylafon@w3.org
Received on Wednesday, 18 March 1998 12:13:55 UTC