http_401_authrequired.tmpl
|
Status: 401 Authorization Required
<TMPL_VAR NAME="http_401_headers">
<TMPL_INCLUDE NAME="header.tmpl">
<div id="main">
<h2 id="skip">ÀÎÁõÀÌ ÇÊ¿äÇÔ</h2>
<p>ÁöÁ¤ÇÑ URL ¿¡ Á¢¼ÓÇϱâ À§ÇÑ ÀÎÁõ¿¡ ½ÇÆÐ Çß½À´Ï´Ù.</p>
<p>
°Ë»ç¸¦ À§ÇØ ¿äûÇÑ <<a href="<TMPL_VAR NAME="http_401_url">"><TMPL_VAR NAME="http_401_url"></a>>
¿¡ ´ëÇÏ¿© 401 "ÀÎÁõÀÌ ÇÊ¿äÇÔ" ÀÀ´äÀ» ¹Þ¾Ò½À´Ï´Ù.
</p>
<p>
»ç¿ëÀÚ À̸§°ú ºñ¹Ð¹øÈ£¸¦ ºê¶ó¿ìÀúÀÇ ÇÁ·ÒÇÁÆ®¿¡ ³ÖÀ» ¼ö ÀÖ½À´Ï´Ù. ÀÌ Á¤º¸¸¦
Á¦°øÇß´Ù¸é, validator ´Â ÀÌ ¸®¼Ò½º¿¡ Á¢±ÙÇϱâ À§ÇÏ¿© ´ç½ÅÀÇ ¼¹ö¿¡
ÀÎÁõÀ» À§ÇÏ¿© ÀÌ Á¤º¸¸¦ º¸³»°Ô µË´Ï´Ù. ´Ù½Ã ½ÃµµÇϱâ À§Çؼ´Â ºê¶ó¿ìÀúÀÇ
"reload" ±â´ÉÀ» ÀÌ¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù.
</p>
<p>
Of course, you may not want to trust me with this information,
which is fine. I can tell you that I don't log it or do
anything else nasty with it, and you can <a href="source/">download the
source code for this service</a> to see what it does, but you have no
guarantee that this is actually the code I'm using; you basically have to
decide whether to trust me or not :-)
¹°·Ð ´ç½ÅÀÌ Validator ¿¡ »ç¿ëÀÚÀ̸§°ú ºñºô¹øÈ£¸¦ º¸³»´Â °ÍÀ» ½Å·ÚÇÏÁö ¾ÊÀ»¼öµµ
ÀÖ½À´Ï´Ù. ±×·¯³ª Validator ´Â ´ç½ÅÀÇ Á¤º¸¸¦ ±â·ÏÇϰųª ´Ù¸¥ ¸ñÀûÀ¸·Î »ç¿ëÇÏÁö
¾ÊÀ½À» ¾Ë·Á µå¸³´Ï´Ù. ÇÊ¿äÇÏ´Ù¸é <a href="source/">ÀÌ ¼ºñ½ºÀÇ ¼Ò½ºÄÚµå</a>¸¦
´Ù¿î ¹Þ¾Æ¼ »ìÆ캸¼Åµµ ÁÁ½À´Ï´Ù¸¸ ´ç½ÅÀÌ Á¤¸» Á¦°¡ ÀÌ ¼Ò½º¸¦ ÀÌ¿ëÇؼ ¼ºñ½º¸¦
ÇÏ´ÂÁö¿¡ ´ëÇÑ È®½ÅÀÌ ¾øÀ»¼öµµ ÀÖ½À´Ï´Ù. Validator ¸¦ ½Å·ÚÇÒÁö ¾Æ´ÒÁö´Â ´ç½ÅÀÌ
±âº»ÀûÀ¸·Î ¼±ÅÃÇÏ¼Å¾ß ÇÕ´Ï´Ù. :-)
</p>
<p>
You should also be aware that the way we proxy this authentication
information defeats the normal working of HTTP Authentication.
If you authenticate to server A, your browser may keep sending
the authentication information to us every time you validate
a page, regardless of what server it's on, and we'll happily pass
that on to the server thereby making it possible for a malicious
server operator to capture your credentials.
¿ì¸®°¡ »ç¿ëÇÏ´Â ÀÎÁõ ÇÁ¶ô½Ã ¹æ½ÄÀÌ ÀÏ¹Ý HTTP ÀÎÁ¤¹æ½Ä¶§¹®¿¡ ¾Ç¿ëµÉ ¼öµµ
ÀÖ½À´Ï´Ù. ¸¸¾à ´ç½ÅÀÌ ÀÎÁõ Á¤º¸¸¦ A ¼¹ö·Î º¸³½´Ù¸é, ºê¶ó¿ìÁî´Â ¸Å¹ø ¾î¶²
ÆäÀÌÁö¸¦ °Ë»ç ÇÒ ¶§¸¶´Ù Á¤º¸°¡ ¾î¶² ¼¹ö¿¡ ÀÖ´ÂÁö »ó°ü¾øÀÌ ´ç½ÅÀÇ
ÀÎÁõÁ¤º¸¸¦ ¿ì¸®¿¡°Ô º¸³À´Ï´Ù. ¿ì¸®´Â ±×³É ±× Á¤º¸¸¦ ¼¹ö¿¡°Ô º¸³»´Âµ¥,
ÀÌ·ÎÀÎÇÏ¿© ±× ¼¹ö¸¦ ¿î¿µÇÏ´Â »ç¶÷ÀÌ ´ç½ÅÀÇ Áß¿äÇÑ Á¤º¸¸¦ ¾òÀ»¼öµµ ÀÖ½À´Ï´Ù.
</p>
<p>
Due to the way HTTP Authentication works there is no way we can
avoid this. We are using some "tricks" to fool your client into
not sending this information in the first place, but there is no
guarantee this will work. If security is a concern to you, you
may wish to avoid validating protected resources or take extra
precautions to prevent your browser from sending authentication
information when validating other servers.
HTTP ÀÎÁõ¹æ½Ä ¶§¹®¿¡ À̹®Á¦¸¦ ÇÇÇÒ ¼ö´Â ¾ø½À´Ï´Ù. ¿ì¸®´Â ¾à°£ÀÇ Æ®¸¯À»
ÀÌ¿ëÇÏ¿© ¿©·¯ºÐÀÇ ºê¶ó¿ìÁî°¡ ¿©·¯ºÐÀÇ ÀÎÁõÁ¤º¸¸¦ º¸³»Áö ¾Êµµ·Ï ÇÕ´Ï´Ù.
±×·¯³ª Ç×»ó ÀÌ ¹æ¹ýÀÌ Àß µ¿ÀÛÇÒÁö¿¡ ´ëÇÑ º¸ÀåÀº ¾ø½À´Ï´Ù. ¸¸¾à º¸¾ÈÀÌ ¿°·Á
µÈ´Ù¸é ¾ÆÀ̵ð¿Í ºñ¹Ð¹øÈ£ µîÀ¸·Î º¸È£µÈ ¸®¼Ò½º´Â °Ë»çÇÏÁö ¾Ê°Å³ª ºê¶ó¿ìÁ
»ç¿ëÇÒ¶§ ÀÎÁõ Á¤º¸¸¦ ´Ù¸¥ ¼¹ö¿¡ º¸³»Áö ¾Êµµ·Ï ÁÖÀÇ Çϱ⠹ٶø´Ï´Ù.
</p>
<p>
Also note that you shouldn't use HTTP Basic Authentication for
anything which really needs to be private, since the password
goes across the network unencrypted.
Áß¿äÇÑ Á¤º¸¸¦ À§Çؼ´Â Àý´ë HTTP Basic ÀÎÁ¤¹æ¹ýÀ» »ç¿ëÇÏÁö ¸¶½Ê½Ã¿À.
´ç½ÅÀÇ ºñ¹Ð ¹øÈ£°¡ ¾ÏÈ£È µÇÁö ¾ÊÀº »óÅ¿¡¼ ³×Æ®¿öÅ© »çÀÌ¿¡ Àü´ÞµË´Ï´Ù.
</p>
</div><!-- End of "main" -->
<TMPL_INCLUDE NAME="footer.tmpl">
|
He who has imagination without learning has wings but no feet.    
|
