Re: Authentication

From: Dan Winship <danw gnome org>
To: Egon Andersen <ean talura dk>
Cc: libsoup-list gnome org
Subject: Re: Authentication
Date: Mon, 10 Jan 2011 09:41:08 -0500

On 01/07/2011 12:40 PM, Egon Andersen wrote:
> I'm doing authentication in my libsoup based server.
> When authentication fails, the server responds with status-code 401
> Unauthorized.
> That will cause the browser to open the login dialog box.
> This is quite annoying in cases where I e.g. use XMLHttpRequest()

Hm... what browser? There was some discussion of using exactly this
trick on the IETF HTTP mailing list a while back, and it seems to work
in most places:

http://lists.w3.org/Archives/Public/ietf-http-wg/2010JanMar/0190.html

(If you're using WebKitGTK, you'll need libsoup >= 2.32.1.)

> Are there any way I can change the status-code to 403, without having to
> make my complete own authentication mechanism (which I would of course
> like to avoid)?

Not really. You could connect to notify::status-code on the message, and
if someone changes it to 401, re-change it to 403. There's no way to
make SoupAuthDomain/SoupServer use 403 instead of 401 though, because
that pretty much totally violates the spec.

-- Dan

Follow-Ups:
- Re: Authentication
  - From: Egon Andersen

References:
- Authentication
  - From: Egon Andersen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]