Page 1 of 1
About Question enthuware.jwpv6.2.892 :
Posted: Fri Jun 06, 2014 8:50 am
by deadlock_gr
Is the answer to this correct?
I think that the realm is independent of the login mechanism. It simply defines users, groups and group memberships.
Re: About Question enthuware.jwpv6.2.892 :
Posted: Fri Jun 06, 2014 9:32 am
by admin
Yes, it is correct because when you use the "basic" authentication mechanism, you are presented with a "realm" within which your credentials are relevant. This is as per
http://www.ietf.org/rfc/rfc2617.txt
HTH,
Paul.
Re: About Question enthuware.jwpv6.2.892 :
Posted: Fri Jun 06, 2014 9:36 am
by deadlock_gr
In the link you specify, it says:
"The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge."
In other words, regardless the way you give your credentials (BASIC, Form etc), those credentials will be validated against a realm.
Re: About Question enthuware.jwpv6.2.892 :
Posted: Fri Jun 06, 2014 11:22 am
by admin
You are right. I misunderstood it. Thanks for pointing it out.
All except client-cert. Client-cert doesn't issue a challenge.