You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+44Lines changed: 44 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -196,6 +196,50 @@ With the previous example the following happens:
196
196
197
197
All up, this is an example to show how to use authentication, it's been defined to allow flexibility.
198
198
199
+
The webserver supports having multiple authentication methods or credentials for the same route. Each pair of authentication method plus credentials should have its own method in the controller:
- If there are no matching methods, a not-found response (404) is returned.
236
+
- If authentication information is passed in the header of the request, then only methods that require authentication are considered. If one of the method's credentials matches the credentials passed in the request, that method is called. Otherwise a non-authorized response (401) will be returned.
237
+
- If no authentication information is passed in the header of the request:
238
+
- If one of the methods does not require authentication, that method is called.
239
+
- Otherwise a non-authorized response (401) will be returned. If one of the methods requires basic authentication, the `WWW-Authenticate` header is included to request credentials.
240
+
241
+
If two or more methods match the authentication method and credentials of the request, an internal server error is returned with a list of the methods.
0 commit comments