- Keystroke flow in X.org
- TreePath
- Package Management
- Linux Kernel Development
- How to cut ISP support costs
- Systems Administration
- The Ultimate Development Workstation
- HTTP 1.2 -- What it needs
- HTTP Authentication: Solutions and Futures
- HTTP Authentication: Solutions and Futures Introduction
- Optional HTTP Authentication
- HTTP Authentication User Interface
- Inadequate Logout functionality in HTTP Authentication
- Single sign-on for HTTP Authentication
- Lack of Internationalisation in HTTP Authentication
- Poor software support for HTTP Authentication
Delicious
Digg
StumbleUpon
Propeller
Reddit
Magnoliacom
Newsvine
Furl
Facebook
Google
Yahoo
Technorati
IcerocketPoor software support for HTTP Authentication
Posted November 27th, 2007 by wayland
This article summarises the bugs that plague HTTP Authentication. These have all been mentioned elsewhere in the series, but I've grouped them here by software.
I should probably mention here that none of the changes listed below require RFC changes. I'll summarise the suggested RFC changes in a separate article.
Server changes required
Apache is the only piece of server software that I have investigated. I'll leave further investigations up to others, but I assume similar changes will need to be made elsewhere.
- Support optional HTTP Authentication; see Optional HTTP Authentication
- Support UTF-8 headers; see Lack of Internationalisation in HTTP Authentication
Client changes required
- Implement "Log out" and "Change User" buttons, and an "Authentication Manager"; see No Logout Button for HTTP Authentication
- Support UTF-8 headers; see Lack of Internationalisation in HTTP Authentication
- Internet Explorer only: Fix Digest Authentication; see Single sign-on for HTTP Authentication
Bookmark/Search this post with:
- wayland's blog
- Login or register to post comments
- Printer-friendly version
