Authorization Manager

This applet allows the user to inspect, add and delete authorization records that are used in order to authenticate the user to servers when necessary. It can be invoked explicitly either by entering the special URL about:authorization into a corresponding input field or by other means such as the "View Menu". The applet is also invoked automatically when an authentication request is recognized within a response.

Managing Authorization Records

The authorization manager provides an HTML interface that presents a list of all URL prefixes for which an authorization record is currently defined. The checkbox in front of a URL prefix may be used to mark that record for deletion, which can finally be initiated by using a submit button that is provided at the bottom of the list.

New authorization records can be added to the list by the use of an additional formular that is placed at the bottom of the HTML page. A text input field for the required URL prefix to which the new record should apply as well as text input fields for a user-id and a password are provided. Submitting the form causes the new record to be added to the list of authorization records, which is finally presented in the response.


The authorization records are logically associated to the request headers as defined within the dialog "Request Settings" and are shared among all request contexts, so that any modification made by the authorization manager has an immediate effect on all request contexts that are used by application windows or other windows created by them.

All currently defined authorization records are also included in the configuration file of w3browse when it is saved on demand. But note that when re-reading the configuration settings, a new instance of authorization records is created that does not affect the request contexts of already opened windows or other windows created by them.


This applet is part of all request processing chains. For this reason, the namespace of URLs is not limited by this applet in any other way as to catch and respond to about:authorization and to intercept responses that request authentication.