1 files changed, 46 insertions, 0 deletions

diff --git a/doc/protocol.txt b/doc/protocol.txt
new file mode 100644
index 0000000..05e32f2
--- /dev/null
+++ b/doc/protocol.txt
@@ -0,0 +1,46 @@
+
+                    HTTP/AUTH PROTOCOL
+
+The protocol used between the stateful authenticator and the web servers
+that wish to authenticate is described below. It's a simple text protocol,
+similar to HTTP. The web servers send commands and headers to the daemon,
+which replies with HTTP codes and headers.
+
+Multiple authentication requests can be processed on the same connection,
+although the connection is not stateful. A authentication request initially
+processed through one connection to the daemon can later be completed
+through another. The commands are described below.
+
+AUTH method uri
+
+  The AUTH command asks the daemon to perform authentication
+  for a given set of headers.
+
+  method: is the authentication type. It might be 'NTLM'.
+  uri: the URI being authenticated.
+
+  The AUTH command is followed by HTTP headers, one per line
+  until a blank line is found. These should contain the
+  authentication headers for the authentication protocol being
+  used. Extraneous headers are ignored.
+
+  If multiple HTTP headers with the same name are received, then
+  the last one is used. Note that this is somewhat different than
+  the HTTP protocol.
+
+QUIT
+
+  This closes the connection to the daemon.
+
+
+The response from the daemon consists of an HTTP code, followed by headers
+one per line. Note that only the headers to be added for authentication are
+returned. For example:
+
+  401
+  Header: value
+  Header2: value
+
+Success returns a 200, just like normal HTTP. Note that success can contain
+headers that must also be sent to the client.
+