Geoff Hutchison wrote:
>
> On Thu, 30 Sep 1999, Frank Guangxin Liu wrote:
>
> > Today I found htdig failed to index a site which requires no
> > authentication. To narrow the problem, I set
>
> It *doesn't* require authentication?
>
> > Header line: Server: Microsoft-IIS/4.0
>
> > it can index this site without a problem. Now it seems to
> > me htdig may need to do another try if password failed
> > by the server.
>
> But you see, this is a server bug. My reading of the HTTP standard is that
> it *can* send the authentication even if the URL doesn't require it. Most
> servers don't seem to have a problem with this--they ignore the
> Authentication header.
>
> IIS apparently disagrees.
>
> The problem with trying again w/o a password is that this would only work
> for IIS servers. For everyone else, it would just be a redundant HTTP
> connection.
>
> It's a tricky situation. Technically, browsers send a request, then
> realize they need the authentication, then send another response. This
> would solve the problem, but for any site that needs authentication, it
> would require twice as many HTTP connections. You might not notice for a
> browser, but when indexing hundreds or thousands of URLs, it'll be a
> performance hit.
I agree with Geoff. However, I can think of a solution here.
A new configuration directive that - like "start_url" - sets the
start URLs for anything on a server that requires authentication.
This directive could be treated optional for most servers but IIS.
cheers,
Torsten
--
InWise - Wirtschaftlich-Wissenschaftlicher Internet Service GmbH
Waldhofstra�e 14 Tel: +49-4101-403605
D-25474 Ellerbek Fax: +49-4101-403606
E-Mail: [EMAIL PROTECTED] Internet: http://www.inwise.de
------------------------------------
To unsubscribe from the htdig mailing list, send a message to
[EMAIL PROTECTED] containing the single word unsubscribe in
the SUBJECT of the message.
