[Zope-PAS] Challengers (and Zope 3)
Jim Fulton
jim at zope.com
Thu Sep 30 13:46:53 EDT 2004
Lennart Regebro wrote:
> Jim Fulton wrote:
>
...
> Having several WWW-Authenticate headers usually seem to work, just try
> putting in several WWW-Authenticate: Basic headers. Yup, you'll get
> several login dialogs. ;)
Do you mean that the browser actually presents multiple dialogs
for the same request?
> But that may not be considered mixing
> protocols...
No, that would be multiple challenges using the same protocol.
The intended use case is not to provide the same challenge multiple
times, but to provide multiple challenges (e.g. NTLM, Digest, Basic, etc.
> So, you might say that one might want to mix protocols.
Actually, I'm looking for a definition of protocols that says they
can't be mixed. Essentially, I want to use protocols as a way of
modeling what sorts of challenges can abd cannot be mixed.
Challenges can be mixed if they come from the same protocol.
They cannot be mixed otherwise.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope-PAS
mailing list