HTTP/AUTH PROTOCOL The protocol used between the stateful authenticator and the web servers that wish to authenticate is described below. It's a simple text protocol, similar to HTTP. The web servers send commands and headers to the daemon, which replies with HTTP codes and headers. Multiple authentication requests can be processed on the same connection, although the connection is not stateful. A authentication request initially processed through one connection to the daemon can later be completed through another. The commands are described below. AUTH method uri The AUTH command asks the daemon to perform authentication for a given set of headers. method: is the authentication type. It might be 'NTLM'. uri: the URI being authenticated. The AUTH command is followed by HTTP headers, one per line until a blank line is found. These should contain the authentication headers for the authentication protocol being used. Extraneous headers are ignored. If multiple HTTP headers with the same name are received, then the last one is used. Note that this is somewhat different than the HTTP protocol. QUIT This closes the connection to the daemon. The response from the daemon consists of an HTTP code, followed by headers one per line. Note that only the headers to be added for authentication are returned. For example: 401 Header: value Header2: value Success returns a 200, just like normal HTTP. Note that success can contain headers that must also be sent to the client.