Kyle Marvin wrote on 7/6/2006, 10:15 AM: > On 7/5/06, John Panzer <[EMAIL PROTECTED]> wrote: ... The GData protocol doesn't use RFC 2617's WWW-Authenticate: > > header (AFAIK). > > I think a 2617 reference would be appropriate and useful. The > authentication model associated with GData services does follow the > 2617 Access Authentication Framework (issues WWW-Authenticate response > challenges, expects corresponding Authorization request headers w/ > token info, etc).
Great! Thanks for the correction. I should've used View Source: > 1 HTTP/1.0 401 Unauthorized > 2 WWW-Authenticate: AuthSub > realm="https://www.google.com/accounts/AuthSubRequest"; On thing that's nice about this is that well behaved tools who don't understand AuthSub, but do understand WWW-Authenticate, at least report a halfway useful error like "Unknown authentication scheme". -John
