httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vincenzo D'Amore" <v.dam...@gmail.com>
Subject Re: [users@httpd] Authenticating with subfolders
Date Tue, 21 May 2013 13:18:59 GMT
Hi Bruno,

As long as there's only one Authorization header, the client doesn't
> need to specify a realm, as the server knows what realm the access
> resource belongs to. But you're right in your analysis: the fact that
> the realm isn't specified in the client request makes it highly probable
> that you cannot specify several Authorization headers, as if that was
> possible, the server would have to guess the right login/password pair
> by trying all the Authorization headers until one of them works...
> Pretty flawed solution IMHO. ;-)
>
>
Right Bruno, when I was at lunch I was thinking the same thing, in case the
server will receive more Authorization headers, well... it will have an
embarrassing of riches :))


> Regards,
>
> Bruno
>
> --
> - Service Hydrographique et Oceanographique de la Marine  -  DMGS/INF
> -  13, rue du Chatellier -  CS 92803  - 29228 Brest Cedex 2, FRANCE
> -     Phone: +33 2 98 22 17 49  -  Email: Bruno.Treguier@shom.fr
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


-- 
Vincenzo D'Amore
email: v.damore@gmail.com
skype: free.dev
mobile: +39 349 8513251

Mime
View raw message