On Fri, Sep 24, 2010 at 12:37 PM, Matt Warden <mwarden at gmail.com> wrote: > On Fri, Sep 24, 2010 at 2:14 PM, Hassan Schroeder > <hassan.schroeder at gmail.com> wrote: > >> What HTTP status code do you return? > > > > 401 would seem most appropriate. > > +1 > What value should be included with the WWW-Authenticate header in this case? -- Bill Moseley moseley at hank.org