• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Http Digest Authentication and HttpsClient Authentication  RSS feed

Ranch Hand
Posts: 152
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello all,
I am very sorry if this a silly question. But what are the different types of authentication? and what exactly is Http Digest Authentication and Https Client authentication. can i get an article which can give me some information about the different authentication mechanisms?
thanks in advance.
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here's is a very quick explanation:
authentication mechanism:
Digest: it is more secure than basic authentication (read basic auth explanation) because the password is sent in MD5 format. But it is not supported by all browsers and the servlet spec doesn't force the containers to implement it.

HTTPS Client: This authentication uses secure socket layer. An SSL connection is established between client-server and all data is sent encrypted. It is the most expensive to implement though.
Basic: Very basic. Username/password is sent in plain text. have you tried accessing web pages and always get a pop up window asking you for a username/pwd for a particular realm. Well, that's basic authentication, in most cases.
FORM-based: It's the same as basic authentication, but you have a bit more flexibility. You can create your own html form (just to improve the look and feel of the user interface -basic authentication does not allow you to modify the pop up window-). Again, password is sent in plain text.
A very quick explanation. You might want to search separately each term, you probably find more results that way.
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!