previous | start | next

HTTP/1.0 Authentication

Most users of the Web will have at some time attempted to access a page, and been presented with a dialogue something like:
Netscape ByPassword dialog box on Unix client
An initial HTTP attempt to access a "password protected" Web page of this type (without providing suitable "authentication" information) will generate an HTTP error message together with a Web page which explains the nature of the error. Typically the response headers will contain: 
HTTP/1.1 401 Authorization Required
Date: Wed, 17 Mar 2004 01:17:56 GMT
Server: Apache/1.2.6
WWW-Authenticate: Basic realm="ByPassword"
Last-Modified: Mon, 15 Mar 2004 00:43:51 GMT
....etc....
In HTTP/1.0, only the Basic authentication method was available, as used in this example.
 
Upon receiving this error, the Web browser will normally pop up a dialog box similar to the above, collect a user-ID and password from the user, and then retry the request with an additional "Authorization: " request header containing the additional information.
 
Lecture 06: Applications #3.2: HTTP Copyright © 2005 P.Scott, La Trobe University Bendigo.

previous | start | next