hello,we are having some issues with weird WWW-Authenticate header sent from web app to browsers. Would you be please able to give me an authoritative list of all WWW-Authenticate values accepted by Internet Explorer 6.0, 7.0 and 8.0 with the related SSPI provider used to obtain the credentials?I mean those like Basic, Digest, Negotiate etc.thank you very much.ondrej.

Hi,not sure if this will help you much but according to "Negotiate and Nego2 HTTP Authentication Protocol"<!----> description (http://msdn.microsoft.com/en-us/library/dd356479(PROT.10).aspx) WWW-Authenticate values should be conformant with RFC 2617.Also following links could be useful http://msdn.microsoft.com/en-us/library/aa292114(VS.71).aspx, http://msdn.microsoft.com/en-us/library/aa479391.aspx. RegardsMartin

Hi Ondrej, Internet Explorer 7 and IE8 changes the precedence rules for WWW-Auth. Previous releases of Internet Explorer used the first header encountered. Internet Explorer 7 uses the first header except when the header is Basic. Internet Explorer 7 uses Basic authentication if no other authentication mechanism is present. Also, this is more of a development question; it’s suggested to submit a new post in the MSDN forum to get more suggestions. They are the best resource for this kind of problem. MSDN Forum http://forums.microsoft.com/MSDN/default.aspx?SiteID=1 Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.