www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Nottingham <m...@akamai.com>
Subject Re: other/6111: ab auth slightly broken
Date Fri, 07 Jul 2000 18:40:01 GMT
The following reply was made to PR other/6111; it has been noted by GNATS.

From: Mark Nottingham <mnot@akamai.com>
To: jroller@mediaone.net
Cc: apbugs@apache.org
Subject: Re: other/6111: ab auth slightly broken
Date: Fri, 7 Jul 2000 11:31:05 -0700

 This isn't an Apache bug; rfc2617 clearly states that the auth scheme is
 case-insensitive;
 
 1.2 Access Authentication Framework
 
    HTTP provides a simple challenge-response authentication mechanism
    that MAY be used by a server to challenge a client request and by a
    client to provide authentication information. It uses an extensible,
    case-insensitive token to identify the authentication scheme,
    followed by a comma-separated list of attribute-value pairs which
    carry the parameters necessary for achieving authentication via that
    scheme.
 
       auth-scheme    = token
       auth-param     = token "=" ( token | quoted-string )
 
 
 Cheers,
 
 
 -- 
 Mark Nottingham, Senior Developer
 Akamai Technologies (San Mateo, CA)

Mime
View raw message