Connected: An Internet Encyclopedia
14.46 WWW-Authenticate

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 2068
Up: 14 Header Field Definitions
Prev: 14.45 Warning
Next: 15 Security Considerations

14.46 WWW-Authenticate

14.46 WWW-Authenticate

The WWW-Authenticate response-header field MUST be included in 401 (Unauthorized) response messages. The field value consists of at least one challenge that indicates the authentication scheme(s) and parameters applicable to the Request-URI.

          WWW-Authenticate  = "WWW-Authenticate" ":" 1#challenge

The HTTP access authentication process is described in section 11. User agents MUST take special care in parsing the WWW-Authenticate field value if it contains more than one challenge, or if more than one WWW-Authenticate header field is provided, since the contents of a challenge may itself contain a comma-separated list of authentication parameters.


Next: 15 Security Considerations

Connected: An Internet Encyclopedia
14.46 WWW-Authenticate