On 2/19/09 1:37 PM, "kellan" <[email protected]> wrote:
> On Thu, Feb 19, 2009 at 2:23 PM, Eran Hammer-Lahav <[email protected]>
> wrote:
>>
>> Are there any providers our there without support for the Authorization
>> header (as a way to send OAuth parameters)?
>
> I could launch one if that would help.
That's nice.
>> Any reason why Service Providers should not be required to support it?
>
> Didn't we spend quite a bit of time discussing this?
We didn't. We discussed other requirements but the auth header was always an
afterthought when the spec was written. It was a nice-to-have.
>> Are there any providers who do not return the WWW-Authenticate response
>> header with 401 replies?
>
> Flickr API doesn't. We support several auth protocols, not all of
> which have defined behaviors for 401/WWW-Authenticate.
Is there a reason why?
EHL
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---
