Hi Rhett, You are correct. This could be a good enhancement for 1.2. Do you want to enter a RFE in our issue tracker?
I think it will require changes to ChallengeRequest, Guard and to the parsing/formatting logic in the engine. Best regards, Jerome > -----Message d'origine----- > De : Rhett Sutphin [mailto:[EMAIL PROTECTED] > Envoyé : mardi 4 mars 2008 19:38 > À : discuss@restlet.tigris.org > Objet : Authentication: multiple challenges? > > Hi, > > According to RFC2616 section 14.47, it should be possible to have > multiple challenges in a WWW-Authenticate header. I can't see a way > to achieve that with Restlet. Is there a way? > > Context: I'm trying to protect a collection of resources with both > HTTP Basic and a custom token-based authentication scheme. If it's > not possible to have multiple challenges, I'll just challenge with > Basic and then accept either form. > > Thanks, > Rhett