[Osr-101] What's the Neutron-Auth header good for?

Thomas Comiotto comiotto at rcfmedia.ch
Tue Aug 8 12:04:04 CEST 2006 

>
>
> it's not about  the client, but about the server. If the server just 
> receives a regular GET request how should it be able to out figure
> what kind of authentication the client supports. If you can answer me 
> this question then I am happy to remove it, but we have discussed
> this several times and nobody had an answer.
>

No. We did discuss and even made a point I think. But you didn't agree 
(or maybe you just didn't listen).

The server has to know that it deals with a neutron request not only in 
case of authentication. So how do you deal with that? You do so by 
either looking at the user-agent header or by assuming that all command 
urls given by some  introspection file are requested by a neutron 
client. As I said before and as Andi did too, the latter is just fine.

Neutron clients SHOULD support basic/digest (since they are http 
clients), they MUST support neutron authorization exceptions since they 
are neutron clients.

I guess what you're trying to achieve is to reuse existing server 
code/cmd-urls for open/checkout/save/checkin. But except of the "open" 
command that's pointless because you will have to deal with the rest of 
the neutron exception types too.

I might misunderstand you. If so please provide an example 
request/response chain for where the custom WWW-Authenticate header is 
really needed. That example would have to go into the specs too I 
think.

Best wishes,
Thomas


> One must be aware that a server can receive GET requests from all kind 
> of clients ...
>
> Thanks
>
> Michi
>
>>
>> I'd remove the header.
>>
>> Thanks,
>> Thomas
>>
>>
>>
>>> cheers
>>>
>>> Michi
>>>
>>>>
>>>>
>>>> -- 
>>>> Bests
>>>> Thomas
>>>>
>>>>
>>>> _______________________________________________
>>>> Osr-101 mailing list
>>>> Osr-101 at wyona.org
>>>> http://wyona.com/cgi-bin/mailman/listinfo/osr-101
>>>>
>>>
>>>
>>> -- 
>>> Michael Wechner
>>> Wyona      -   Open Source Content Management   -    Apache Lenya
>>> http://www.wyona.com                      http://lenya.apache.org
>>> michael.wechner at wyona.com                        michi at apache.org
>>> +41 44 272 91 61
>>>
>>>
>>
>>
>
>
> -- 
> Michael Wechner
> Wyona      -   Open Source Content Management   -    Apache Lenya
> http://www.wyona.com                      http://lenya.apache.org
> michael.wechner at wyona.com                        michi at apache.org
> +41 44 272 91 61
>
>

More information about the Osr-101 mailing list