RE: cgi authorization


> Apparently, according to RFC2616, the 401 response you received should have
> included a "WWW-Authenticate:" header. This header contains the challenge. The
> response to the challenge would, it seems, be entered in the "Authorization:"
> header on a subsequent request.

This is right. The header you have to supply is 

    Authorization: <username:password>

(without the < and >). As I understand it, the username/password pair
must be base-64 encoded.


<?> Internet applications consulting & development
<m> +44 (0)79 6715 5849

Received on Wednesday, 21 June 2000 10:43:51 UTC