cURL / Mailing Lists / curl-library / Single Mail


Re: Authentication credentials ignored after second incorrect request

From: Daniel Stenberg <>
Date: Tue, 12 Jul 2011 23:33:53 +0200 (CEST)

On Mon, 11 Jul 2011, abc def wrote:

> using the wrong user:password on purpose for testing. The first request is
> correctly challenged with a 401 + Authenticate header. The challenge
> response correctly consists of the Authorization header. As the password
> supplied is wrong, I send a 401 + Authenticate header again. This results
> in an "Authentication problem. ignoring..."

> I want to know if the simulated client(curl) is written to behave this way
> or if Im doing something wrong. I am of the opinion that is should have
> responded with the authorization header again.

Sorry but I don't understand. Why would it respond again? When you sent back
the 401 again it was a signal that the password is wrong, sending it again
from the client won't help! It needs to fail to the user so that the user can
provide a new password and a second attempt can be made.

List admin:
Received on 2011-07-12