On 8/21/06, Bobby Rullo <[EMAIL PROTECTED]> wrote:
This is an important distinction because one of the things that is being discussed is whether password-protected collections also need a ticket in the URL. It is hard to discuss this if we use ticket and URL synonymously.
the ticket would always be required, because the ticket bears a privilege on the resource to which the ticket is granted. a password by itself would authenticate the user, but in absence of a ticket, the server would not know what access to give the user. _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "Design" mailing list http://lists.osafoundation.org/mailman/listinfo/design
