Hi Bruno, As long as there's only one Authorization header, the client doesn't > need to specify a realm, as the server knows what realm the access > resource belongs to. But you're right in your analysis: the fact that > the realm isn't specified in the client request makes it highly probable > that you cannot specify several Authorization headers, as if that was > possible, the server would have to guess the right login/password pair > by trying all the Authorization headers until one of them works... > Pretty flawed solution IMHO. ;-) > > Right Bruno, when I was at lunch I was thinking the same thing, in case the server will receive more Authorization headers, well... it will have an embarrassing of riches :))
> Regards, > > Bruno > > -- > - Service Hydrographique et Oceanographique de la Marine - DMGS/INF > - 13, rue du Chatellier - CS 92803 - 29228 Brest Cedex 2, FRANCE > - Phone: +33 2 98 22 17 49 - Email: bruno.tregu...@shom.fr > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Vincenzo D'Amore email: v.dam...@gmail.com skype: free.dev mobile: +39 349 8513251
