Auth-User from Constantino, Chris CONT TACOM-WRN/RSL on 2006-02-22 (www-talk@w3.org from January to February 2006)

From: Constantino, Chris CONT TACOM-WRN/RSL <Chris.Constantino@us.army.mil>
Date: Wed, 22 Feb 2006 11:59:11 -0500
To: "'www-talk@w3.org'" <www-talk@w3.org>
Message-ID: <C58FCC20EC53E94EB642202E5D7B0DC312FE69AD@damib1mail03>

Hi,
  With several of our web applications, when a user is authenticated, the
webserver sets the 'Auth-User' HTTP header to the name of the authenticated
user.
 
  Can anyone tell me if Auth-User originates in a w3c specification or some
other standard?  I've checked the HTTP RFCs, but haven't found any
reference.  I find Apache, iPlanet, and IIS all set this header so I imagine
it is defined in a spec or simply a de facto standard.
 
  I'm working with some Web Single Sign On software that sets another HTTP
header, not auth-user, which is causing problems for a lot of web
applications.  I suspect this isn't compliant to some standard but want to
be sure before I discuss with the vendor.
 
Chris Constantino
Programmer Analyst
U.S. Army Tank-automotive & Armaments Command
Warren, MI

Received on Thursday, 23 February 2006 04:27:32 UTC