代理授權失敗的HTTP響應代碼

Question

代理授權失敗的HTTP響應代碼應該是什麼？我知道407是請求代理授權的響應代碼。但是，一旦客戶端向代理髮送認證信息，並且如果它不正確，代理應該返回什麼？如果它返回401響應代碼，那麼客戶端將如何識別代理上的身份驗證失敗，而不是終端資源？

Answer 1

好，如果有一個401保護資源的授權失敗，服務器只是另一個401響應：

Request URL:https://mysite.com/myresource/ 
Request Method:GET 
Status Code:401 Authorization Required 

Request Headers 

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Authorization:Digest username="gjggj", realm="apps", nonce="75602afa895d26f9796f3c9174cf83f3", uri="/misc/apps/", algorithm=MD5, response="9e113b10d3e95b590bdef0fc7c7c617b", qop=auth, nc=00000001, cnonce="61f73b73f6b33ea2" 
Cache-Control:max-age=0 
Connection:keep-alive 
Host:game-point.net 
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17 

Response Headers 

Cache-Control:no-cache 
Connection:close 
Content-Length:534 
Content-Type:text/html 
Date:Wed, 13 Feb 2013 11:07:26 GMT 
Pragma:no-cache 
Server:Cherokee/1.0.8 (Debian GNU/Linux) 
WWW-Authenticate:Digest realm="apps", nonce="75602afa895d26f9796f3c9174cf83f3", qop="auth", algorithm="MD5" 

所以我說要對付407授權失敗是路儘管瀏覽器已發送授權信息，但服務器仍以407狀態碼進行響應;這表明代理仍然需要授權，並且僅僅因爲您仍然獲得407狀態代碼而意味着授權失敗。

Answer 2

從官方機構：

http://www.ietf.org/rfc/rfc2617.txt

If the origin server does not wish to accept the credentials sent 
with a request, it SHOULD return a 401 (Unauthorized) response. The 
response MUST include a WWW-Authenticate header field containing at 
least one (possibly new) challenge applicable to the requested 
resource. If a proxy does not accept the credentials sent with a 
request, it SHOULD return a 407 (Proxy Authentication Required). The 
response MUST include a Proxy-Authenticate header field containing a 
(possibly new) challenge applicable to the proxy for the requested 
resource.