RE: Authentication: multiple challenges?

[Jerome Louvel]

Hi Rhett,

You are correct. This could be a good enhancement for 1.2. Do you want to
enter a RFE in our issue tracker?

I think it will require changes to ChallengeRequest, Guard and to the
parsing/formatting logic in the engine.

Best regards,
Jerome  

 -Message d'origine-
 De : Rhett Sutphin [mailto:[EMAIL PROTECTED] 
 Envoyé : mardi 4 mars 2008 19:38
 À : discuss@restlet.tigris.org
 Objet : Authentication: multiple challenges?
 
 Hi,
 
 According to RFC2616 section 14.47, it should be possible to have  
 multiple challenges in a WWW-Authenticate header.  I can't see a way  
 to achieve that with Restlet.  Is there a way?
 
 Context:  I'm trying to protect a collection of resources with both  
 HTTP Basic and a custom token-based authentication scheme.  If it's  
 not possible to have multiple challenges, I'll just challenge with  
 Basic and then accept either form.
 
 Thanks,
 Rhett

Re: Authentication: multiple challenges?

[Rhett Sutphin]

Hi Jerome,

On Mar 5, 2008, at 3:41 AM, Jerome Louvel wrote:

You are correct. This could be a good enhancement for 1.2. Do you  
want to

enter a RFE in our issue tracker?


Done: http://restlet.tigris.org/issues/show_bug.cgi?id=457 .

Rhett

Authentication: multiple challenges?

[Rhett Sutphin]

Hi,

According to RFC2616 section 14.47, it should be possible to have  
multiple challenges in a WWW-Authenticate header.  I can't see a way  
to achieve that with Restlet.  Is there a way?


Context:  I'm trying to protect a collection of resources with both  
HTTP Basic and a custom token-based authentication scheme.  If it's  
not possible to have multiple challenges, I'll just challenge with  
Basic and then accept either form.


Thanks,
Rhett