Absolutely Nothing inside the spec says in any other case, and often you can't utilize a 401 in that problem because returning a 401 is barely authorized in case you incorporate a WWW-Authenticate header. Like a hacker, you could perform for an MSSP, offering them a viewpoint they couldn’t get http://pigpgs.com