> On 2018-10-01, at 2:19 PM, Ron Teitelbaum <ron at usmedrec.com> wrote:
> 
> Hi Tim,
> 
> Here are the basics: https://en.wikipedia.org/wiki/Digest_access_authentication 

Interesting; it even seems like a good idea. I'd never have thought of looking for 'digest authentication'!

> 
> What did you get back from on the 401?  Check headers on WebResponse.

an OrderedCollection('server'->'nginx/1.14.0' 'date'->'Mon, 01 Oct 2018 21:23:35 GMT' 'content-type'->'application/json; charset=UTF-8' 'transfer-encoding'->'chunked' 'connection'->'keep-alive' 'expires'->'Wed, 11 Jan 1984 05:00:00 GMT' 'cache-control'->'no-cache, must-revalidate, max-age=0' 'x-robots-tag'->'noindex' 'link'->'<https://astropicase.com/wp-json/>; rel="https://api.w.org/"' 'x-content-type-options'->'nosniff' 'access-control-expose-headers'->'X-WP-Total, X-WP-TotalPages' 'access-control-allow-headers'->'Authorization, Content-Type' 'x-endurance-cache-level'->'2')

No 'WWW-Authenticate' entry to trigger the auth process.

> 
> Are you behind a proxy server?  Maybe Proxy-Authenticate.

Not so far as I know or can tell.



tim
--
tim Rowledge; tim at rowledge.org; http://www.rowledge.org/tim
Compromise, says Prof. Trefusis, is stalling between two fools