class type auth_session =
represents an authenticated session
method auth_scheme :
The authentication scheme, e.g. "basic"
method auth_domain :
The list of domain URIs defines the protection space.
method auth_realm :
method auth_user :
The user identifier
method auth_in_advance :
Whether "authentication in advance" is enabled
method authenticate :
http_call -> (string * string) list
Returns a list of additional headers that will authenticate
the passed call for this session. (This is usually only one
If the call is authenticated in advance, it does not contain
any authentication information. If the call is authenticated
in reaction to a 401 status, the response header contains
method invalidate :
http_call -> bool
The session is notified that authentication failed. (This
method is not called for authentication-in-advance, but only
if an authentication attempt after a 401 status failed.)
The method can return
if another authentication should
be started immediately.
Note: By returning
true the session can indicate a "stale"
condition in the sense of RFC 2617.