#2 — Provide support for A+A via Header parameter
State | Confirmed |
---|---|
Version: | 1.2 |
Area | Authentication and Authorisation |
Issue type | Bug |
Severity | Medium |
Submitted by | Sopasakis Pantelis |
Submitted on | Nov 15, 2010 |
Responsible | Sopasakis Pantelis |
Target release: | 1.2 |
Last modified on
Nov 22, 2010
by
Sopasakis Pantelis
We have to provide support for authentication/authorization using Header parameters. So clients are not any more supposed to provide their credentials or tokens as URL parameters but using the Header. This practise is a W3C recommendation and documented in RFC 2616 ( http://www.w3.org/[…]/rfc2616-sec14.html#sec14.8 ).
Added by
Sopasakis Pantelis
on
Nov 22, 2010 02:40 PM
Issue state:
Unconfirmed
→
Confirmed
No responses can be added.