Date: Sat, 13 Dec 2003 19:35:43 -0700 From: Brett Glass <brett@lariat.org> To: bruce@nikkel.com Cc: security@freebsd.org Subject: Re: s/key authentication for Apache on FreeBSD? Message-ID: <6.0.0.22.2.20031213193447.04e80930@localhost> In-Reply-To: <20031211101551.GA27435@nikkel.com> References: <6.0.0.22.2.20031210115335.04c2fc50@localhost> <20031210093927.70c87960.amonk@gnutec.com> <6.0.0.22.2.20031210124332.04e94ac0@localhost> <16343.33321.632599.190251@oscar.buszard-welcher.com> <6.0.0.22.2.20031210173916.04f57be8@localhost> <20031211101551.GA27435@nikkel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:15 AM 12/11/2003, bruce@nikkel.com wrote: >If the basic auth string was not included in an http request, the >webserver would generate a error 401 (Unauthorized). Check out RFC 2617 >(HTTP Authentication: Basic and Digest Access Authentication). True. But does it authenticate again? Or merely recognize that you're the same person you were before and let you through? --Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.2.20031213193447.04e80930>