posted 18 years ago
Those are different modes of authentication if you use HTTP authentication. Through the getUserPricipal, getAuthType and isUserInRole methods you can find out if and how a user has been authenticated.
Basic means through the browser username/password dialog.
Form means through a username/password web page.
Digest sends the authentication info not in cleartext, but digested (i.e., kind of encrypted). (I'm, not actually sure if current browsers support this.)
Client-Certificate means the user has sent a personal certificate; the strongest form of authentication.