![]() ![]() Minimally should include the host name, but might indicate the users or group that have access.Ī quoted, space-separated list of URI prefixes that define all the locations where the authentication information may be used. String indicating which username/password to use. The client is expected to select the most secure of the challenges it understands (note that in some cases the "most secure" method is debatable). This new request uses the Authorization header to supply the credentials to the server, encoded appropriately for the selected "challenge" authentication method. Multiple challenges are allowed in one receiving the WWW-Authenticate header, a client will typically prompt the user for credentials, and then re-request the resource. This response must include at least one WWW-Authenticate header and at least one challenge, to indicate what authentication schemes can be used to access the resource (and any additional data that each particular scheme needs). Note: This header is part of the General HTTP authentication framework, which can be used with a number of authentication schemes.Įach "challenge" lists a scheme supported by the server and additional parameters that are defined for that scheme type.Ī server using HTTP authentication will respond with a 401 Unauthorized response to a request for a protected resource.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |