This applet allows the user to inspect, add and
delete authorization records that are used in order to authenticate the user
to servers when necessary. It can be invoked explicitly either by entering
the special URL
about:authorization
into a
corresponding input field or by other means such as the
"View Menu". The applet is also invoked
automatically when an authentication request is recognized within a
response.
The authorization manager provides an HTML interface that presents a list of all URL prefixes for which an authorization record is currently defined. The checkbox in front of a URL prefix may be used to mark that record for deletion, which can finally be initiated by using a submit button that is provided at the bottom of the list.
New authorization records can be added to the list by the use of an additional formular that is placed at the bottom of the HTML page. A text input field for the required URL prefix to which the new record should apply as well as text input fields for a user-id and a password are provided. Submitting the form causes the new record to be added to the list of authorization records, which is finally presented in the response.
The authorization records are logically associated to the request headers as defined within the dialog "Request Settings" and are shared among all request contexts, so that any modification made by the authorization manager has an immediate effect on all request contexts that are used by application windows or other windows created by them.
All currently defined authorization records are also included in the configuration file of w3browse when it is saved on demand. But note that when re-reading the configuration settings, a new instance of authorization records is created that does not affect the request contexts of already opened windows or other windows created by them.
This applet is part of all
request processing chains. For
this reason, the namespace of URLs is not
limited by this applet in any other way as to catch and respond to
about:authorization
and to
intercept responses that request authentication.