[aerogear-dev] 'WWW-Authenticate' header on 401 response
Matthias Wessendorf
matzew at apache.org
Tue Oct 2 04:34:22 EDT 2012
adding a subject :)
On Tue, Oct 2, 2012 at 10:33 AM, Matthias Wessendorf <matzew at apache.org> wrote:
> Hi Bruno,
>
> when issuing a HTTP request against a protected resource (I am not
> logged in), I am getting 401 (fine), but I don't see a
> 'WWW-Authenticate' header on the response. I also don't see any info
> on this in the security roadmap (see [1]). Was there a special reason
> to leave it out? I ask b/c usually that header is sent for basic,
> digest or even oauth on the response header.
>
> Thanks,
> Matthias
>
> [1] http://staging.aerogear.org/docs/planning/1.0.0/AeroGearSecurity/
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
More information about the aerogear-dev
mailing list