Guess I can but I know it works because I used fiddler to modify the
request to add the realm part and it worked
On Aug 7, 2012 11:28 PM, "Andrew Arnott" <andrewarnott<andrewarn...@gmail.com>
> I'm not familiar enough with the HTTP spec to say whether the realm="" is
supposed to be required or not (or even if it specifies one way or the
> But I don't object to including this bit in the HTTP response from DNOA.
> If you happen to be able to build DNOA yourself, can you try applying the
change to this file and reporting back as to whether it fixed the issue?
> Consider sending a pull request with the fix if it works.
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the
death your right to say it." - S. G. Tallentyre
>> The reason I discovered this, is I am using SoapUI to create
backwards compatibility tests.
>> It cannot validate a correct invalid_client response because it can't
read it. The realm should be blank.
>> It should be:
>> WWW-Authenticate: Basic realm=""
>> I couldn't tell if this is required by the spec, but browsers support
both ways. But the java class doesn't.
>> You received this message because you are subscribed to the Google
Groups "DotNetOpenAuth" group.
>> To view this discussion on the web visit
>> To post to this group, send email to email@example.com.
>> To unsubscribe from this group, send email to
>> For more options, visit this group at
> You received this message because you are subscribed to the Google Groups
> To post to this group, send email to firstname.lastname@example.org.
> To unsubscribe from this group, send email to
> For more options, visit this group at