Re: Authenticating with subfolders

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Bruno,

As long as there's only one Authorization header, the client doesn't
need to specify a realm, as the server knows what realm the access
resource belongs to. But you're right in your analysis: the fact that
the realm isn't specified in the client request makes it highly probable
that you cannot specify several Authorization headers, as if that was
possible, the server would have to guess the right login/password pair
by trying all the Authorization headers until one of them works...
Pretty flawed solution IMHO. ;-)


Right Bruno, when I was at lunch I was thinking the same thing, in case the server will receive more Authorization headers, well... it will have an embarrassing of riches :))
 
Regards,

Bruno

--
- Service Hydrographique et Oceanographique de la Marine  -  DMGS/INF
-  13, rue du Chatellier -  CS 92803  - 29228 Brest Cedex 2, FRANCE
-     Phone: +33 2 98 22 17 49  -  Email: Bruno.Treguier@xxxxxxx

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




--
Vincenzo D'Amore
email: v.damore@xxxxxxxxx
skype: free.dev
mobile: +39 349 8513251
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux