• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

Http Digest Authentication and HttpsClient Authentication

 
Ranch Hand
Posts: 152
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello all,
I am very sorry if this a silly question. But what are the different types of authentication? and what exactly is Http Digest Authentication and Https Client authentication. can i get an article which can give me some information about the different authentication mechanisms?
thanks in advance.
 
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here's is a very quick explanation:
authentication mechanism:
Digest: it is more secure than basic authentication (read basic auth explanation) because the password is sent in MD5 format. But it is not supported by all browsers and the servlet spec doesn't force the containers to implement it.

HTTPS Client: This authentication uses secure socket layer. An SSL connection is established between client-server and all data is sent encrypted. It is the most expensive to implement though.
Basic: Very basic. Username/password is sent in plain text. have you tried accessing web pages and always get a pop up window asking you for a username/pwd for a particular realm. Well, that's basic authentication, in most cases.
FORM-based: It's the same as basic authentication, but you have a bit more flexibility. You can create your own html form (just to improve the look and feel of the user interface -basic authentication does not allow you to modify the pop up window-). Again, password is sent in plain text.
A very quick explanation. You might want to search separately each term, you probably find more results that way.
HTH
 
knowledge is the difference between drudgery and strategic action -- tiny ad
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic