[whatwg] Solving the login/logout problem in HTML

Thomas Broyer t.broyer at gmail.com
Thu Nov 27 09:15:12 PST 2008


On Thu, Nov 27, 2008 at 5:56 PM, Julian Reschke wrote:
> Thomas Broyer wrote:
>>
>> I don't really mind, as long as the server is able to say "I give you
>> this thing to you anonymous user, but you can also authenticate (e.g.
>> to be proposed more features)". This is the exact use-case many web
>> site (including most if not all e-commerce web sites) are facing, and
>> it'd be cool that it could be dealt with at the HTTP level.
>
> Yes, I agree that this is a valid use case. I think "Vary: Authentication"
> is sufficient for a client to detect that authenticating will indeed have an
> effect.
>
> What else do we need?

A challenge ! ;-)

...so that the UA knows *how* to authenticate (hence the
"WWW-Authenticate in 200" suggestion)


-- 
Thomas Broyer



More information about the whatwg mailing list