WWW-Authenticate - HTTP 编辑
The HTTP WWW-Authenticate response header defines the authentication method that should be used to gain access to a resource.
The WWW-Authenticate header is sent along with a 401 Unauthorized response.
| Header type | Response header |
|---|---|
| Forbidden header name | no |
Syntax
WWW-Authenticate: <type> realm=<realm>[, charset="UTF-8"]
Directives
- <type>
- Authentication type. A common type is "Basic". IANA maintains a list of Authentication schemes.
- realm=<realm>
- A description of the protected area. If no realm is specified, clients often display a formatted hostname instead.
- charset=<charset>
- Tells the client the server's preferred encoding scheme when submitting a username and password. The only allowed value is the case insensitive string "UTF-8". This does not relate to the encoding of the realm string.
Examples
Typically, a server response contains a WWW-Authenticate header that looks like this:
WWW-Authenticate: Basic realm="Access to the staging site", charset="UTF-8"
See also HTTP authentication for examples on how to configure Apache or nginx servers to password protect your site with HTTP basic authentication.
Specifications
| Specification | Title |
|---|---|
| RFC 7235, section 4.1: WWW-Authenticate | HTTP/1.1: Authentication |
| RFC 7617 | The 'Basic' HTTP Authentication Scheme |
Browser compatibility
BCD tables only load in the browser
See also
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论