Maurizio Lotauro wrote: > Scrive DZ-Jay <[EMAIL PROTECTED]>: > >> Maurizio Lotauro wrote: >>> Scrive Fastream Technologies <[EMAIL PROTECTED]>: > > [...] > >>>> 24.01.2006 13:31:57 From Remote >>>> >>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: Digest Basic >>>> realm=localhost/%3EFastream.com/, uri="localhost/%3EFastream.com/", >>>> qop="auth,auth-int", nonce="MjAwNi0wMS0yNCAxMzozMTo1Nw==", >>>> opaque="ETimpfFSr8qhbccexiZCu80UjTzQdMUmMm"..Content-Length: >>> Why Basic is right after Digest? It shold be in a separate header line: >>> >>> WWW-Authenticate: Digest realm=... >>> WWW-Authenticate: Basic realm=... >> As far as I know, you may list them in the same header in the order of >> preference. Setting them in different headers will just squash them >> into a flat list on the client-side. So these two are the same: >> >> WWW-Authenticate: Digest Basic realm="foo" > > Are you sure? I quickly reread the rfc and it say that more that one > challange > could be specified in the header, but a challenge is defined as > > challenge = auth-scheme 1*SP 1#auth-param > > So the question is if the Basic must be specified after tha last parameter of > Digest. > In any case the realm is defined as quoted-string but in the above header is > written without quote. > > As side note, the THttpCli doesn't expect more than one challenge per header. > How often is used from servers to specify more that one challenge per header? > > > Bye, Maurizio. > > ---------------------------------------------------- > This mail has been sent using Alpikom webmail system > http://www.alpikom.it >
-- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
