[whatwg] Solving the login/logout problem in HTML
t.broyer at gmail.com
Thu Nov 27 09:15:12 PST 2008
On Thu, Nov 27, 2008 at 5:56 PM, Julian Reschke wrote:
> Thomas Broyer wrote:
>> I don't really mind, as long as the server is able to say "I give you
>> this thing to you anonymous user, but you can also authenticate (e.g.
>> to be proposed more features)". This is the exact use-case many web
>> site (including most if not all e-commerce web sites) are facing, and
>> it'd be cool that it could be dealt with at the HTTP level.
> Yes, I agree that this is a valid use case. I think "Vary: Authentication"
> is sufficient for a client to detect that authenticating will indeed have an
> What else do we need?
A challenge ! ;-)
...so that the UA knows *how* to authenticate (hence the
"WWW-Authenticate in 200" suggestion)
More information about the whatwg