Hi,
With several of our web applications, when a user is authenticated, the
webserver sets the 'Auth-User' HTTP header to the name of the authenticated
user.
Can anyone
tell me if Auth-User originates in a w3c specification or some other
standard? I've checked the HTTP RFCs, but haven't found any
reference. I find Apache, iPlanet, and IIS all set this header so I
imagine it is defined in a spec or simply a de facto
standard.
I'm working
with some Web Single Sign On software that sets another HTTP header, not
auth-user, which is causing problems for a lot of web applications. I
suspect this isn't compliant to some standard but want to be sure before I
discuss with the vendor.
Chris
Constantino
Programmer
Analyst
U.S. Army
Tank-automotive & Armaments Command
Warren,
MI