On Fri, Apr 22, 2005 at 09:11:28AM +0100, Chris Withers wrote:
| Sidnei da Silva wrote:
|
| >Well, my use-case is actually for WebDAV. So you won't just visit a
| >different part of the site at random. I'm currently trying to
| >understand if this would be a problem for WebDAV too.
|
| Neverthele
Sidnei da Silva wrote:
Well, my use-case is actually for WebDAV. So you won't just visit a
different part of the site at random. I'm currently trying to
understand if this would be a problem for WebDAV too.
Nevertheless, since you're in the code alrady, can you add the big
comment explaining why i
Lennart Regebro wrote:
I don't think that's the case. I have a specific requirement on the
project I'm currently working on to know who the current user is, even
if the something is anonymously accessible.
So you *allow* authorization, and use it, but you don't *require* it.
No. I was to authentica
On Thu, Apr 21, 2005 at 01:11:57PM +0100, Chris Withers wrote:
| Indeed. So, this explains the reason why incorrect auth credentials
| result in an anoymous user rather than an auth failure. Read that way, I
| think it should stay that way, unless anyone can suggest anything better.
| However, it
On 4/21/05, Chris Withers <[EMAIL PROTECTED]> wrote:
> > If it's accessible by anonymous that is the same as not requiring
> > authorization.
>
> I don't think that's the case. I have a specific requirement on the
> project I'm currently working on to know who the current user is, even
> if the s
Lennart Regebro wrote:
Supposedly you would not be able to access that part of the site until
you authenticate against it. Isn't that the case now?
Assuming it requires authentication, yes.
And if it doesn't require authentication?
It would fail, since you supplied incorrect authentication. That's
On Wed, Apr 20, 2005 at 06:22:10PM +0200, Lennart Regebro wrote:
> On 4/20/05, Chris Withers <[EMAIL PROTECTED]> wrote:
> > Lennart Regebro wrote:
> > >>Supposedly you would not be able to access that part of the site until
> > >>you authenticate against it. Isn't that the case now?
> > >
> > > Ass
On 4/20/05, Chris Withers <[EMAIL PROTECTED]> wrote:
> Lennart Regebro wrote:
> >>Supposedly you would not be able to access that part of the site until
> >>you authenticate against it. Isn't that the case now?
> >
> > Assuming it requires authentication, yes.
>
> And if it doesn't require authent
Lennart Regebro wrote:
Supposedly you would not be able to access that part of the site until
you authenticate against it. Isn't that the case now?
Assuming it requires authentication, yes.
And if it doesn't require authentication?
Also, what determines whether it requires authentication? authorisa
On 4/20/05, Sidnei da Silva <[EMAIL PROTECTED]> wrote:
> Supposedly you would not be able to access that part of the site until
> you authenticate against it. Isn't that the case now?
Assuming it requires authentication, yes.
The main problem here is that Internet Explorer doesn't allow you to
log
On Tue, Apr 19, 2005 at 11:06:05PM -0400, Paul Winkler wrote:
| > Again:
| >
| > - Not sending credentials is fine for anonymous pages
| > - Sending valid credentials is fine for all pages
| > - Sending invalid credentials should fail as early as possible.
|
| What should happen if your credentia
On Tue, Apr 19, 2005 at 11:53:33PM -0300, Sidnei da Silva wrote:
> On Wed, Apr 20, 2005 at 12:38:42PM +1000, Richard Jones wrote:
> | On Wed, 20 Apr 2005 12:09 pm, Sidnei da Silva wrote:
> | > - If you want to access a anonymous page, you will *not* be sending
> | > auth credentials.
> |
> | Why
On Wed, Apr 20, 2005 at 12:38:42PM +1000, Richard Jones wrote:
| On Wed, 20 Apr 2005 12:09 pm, Sidnei da Silva wrote:
| > - If you want to access a anonymous page, you will *not* be sending
| > auth credentials.
|
| Why do you say that? Cooke auth doesn't distinguish between anonymous pages
| a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 20 Apr 2005 12:09 pm, Sidnei da Silva wrote:
> - If you want to access a anonymous page, you will *not* be sending
> auth credentials.
Why do you say that? Cooke auth doesn't distinguish between anonymous pages
and pages that require a user
14 matches
Mail list logo
