Page 334 - HTTP权威指南

P. 334

基本认证
(a)查询
GET /cgi-bin/checkout?cart=17854 HTTP/1.1
客户端服务器
(b)质询
HTTP/1.1 401 Unauthorized
客户端 WWW-Authenticate: Basic realm="Shopping Cart" 服务器
Shopping Cart
Username:
Password:
(c)响应
GET /cgi-bin/checkout?cart=17854 HTTP/1.1
客户端 Authorization: Basic YnJpYW4tdG90dHk6T3ch 服务器

(d)成功
HTTP/1.1 200 OK
客户端 ... 服务器

摘要认证
(e)查询
GET /cgi-bin/checkout?cart=17854 HTTP/1.1
客户端服务器
(f)质询
HTTP/1.1 401 Unauthorized
客户端 WWW-Authenticate: Digest 服务器
Shopping Cart realm="Shopping Cart"
qop="auth,auth-int"
Username: nonce="66C4EF58DA7CB956BD04233FBB64E0A4"
Password:
(g)响应
GET /cgi-bin/checkout?cart=17854 HTTP/1.1
客户端 Authorization: Digest 服务器
username="bri"
realm="Shopping Cart"
nonce="66C4EF58DA7CB956BD04233FBB64E0A4"
uri="/cgi-bin/checkout?cart=17854"
qop="auth"
nc=0000001,
cnonce="CFA9207102EA210EA210FFC1120F6001110D073"
response="E483C94FOB3CA29109A7BA83D10FE519"
(h)成功
HTTP/1.1 200 OK
Authorization-Info: nextnonce= 服务器
"29FE72D109C7EF23841AB914F0C3B831"
qop= ÒauthÓ
rspauth="89F5A4CE6FA932F6C4DA120CEB754290"
cnonce="CFA9207102EA210EA210FFC1120F6001110D073"
...

图 13-3 基本认证与摘要认证的语法对比

摘要认证｜ 309

329 330 331 332 333 334 335 336 337 338 339